change name of reverse nginx

This commit is contained in:
Dryusdan 2017-10-21 18:03:42 +02:00
parent a04a58790e
commit 47aba5f054
24 changed files with 28 additions and 24 deletions

View File

@ -53,5 +53,5 @@ else
f_build_and_push $directory $FORCE_BUILD
fi
done
#git push --mirror git@github.com:Dryusdan/Dockerfiles.git
git push --mirror git@github.com:Dryusdan/Dockerfiles.git
fi

View File

@ -1,3 +0,0 @@
#!/bin/sh
exec tor

Binary file not shown.

View File

@ -98,7 +98,7 @@ RUN export BUILD_DEPS="build-base \
COPY rootfs /
RUN chmod +x /usr/local/bin/startup /etc/s6.d/*/*
EXPOSE 8080 8443
EXPOSE 80 443
ENTRYPOINT ["/usr/local/bin/startup"]
CMD ["/bin/s6-svscan", "/etc/s6.d"]

View File

@ -0,0 +1,3 @@
#!/bin/sh
#exec tor -f /etc/tor/torrc

View File

@ -1,6 +1,6 @@
server {
listen 8080;
listen 80;
server_name <frontend_domain>;
include /nginx/conf.d/headers.conf;
include /nginx/path.d/<frontend_domain>/*.conf;
}
}

View File

@ -1,6 +1,6 @@
server {
listen 8080;
server_name <frontend_domain>;
listen 80;
server_name <frontend_domain> <onion_domain>;
rewrite ^ https://<frontend_domain>:443$request_uri? permanent;
}
@ -8,8 +8,8 @@ server {
server {
listen 8443 ssl http2;
server_name <frontend_domain>;
listen 443 ssl http2;
server_name <frontend_domain> <onion_domain>;
index index.html index.php index.htm;
ssl_certificate /nginx/ssl/certificates/<frontend_domain>.crt;

View File

@ -37,15 +37,20 @@ f_gen_sites_enabled() {
fi
if [ "${FRONTEND_TOR}" == "true" ]; then
if [ -d /tor/${FRONTEND_DOMAIN}/ ]; then
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN} $(`cat /tor/${FRONTEND_DOMAIN}/hostname`)'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
ONION_DOMAIN=$(cat /tor/${FRONTEND_DOMAIN}/hostname)
echo "HiddenServiceDir /tor/"${FRONTEND_DOMAIN}"/" >> /etc/tor/torrc
echo "HiddenServicePort 443 127.0.0.1:443" >> /etc/tor/torrc
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' \
-e 's|<onion_domain>|'${ONION_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
else
echo "HiddenServiceDir /var/lib/tor/"${FRONTEND_DOMAIN}"/" >> /usr/local/etc/tor/torrc
echo "HiddenServicePort 443 127.0.0.1:443" >> /usr/local/etc/tor/torrc
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN} $(`cat /tor/${FRONTEND_DOMAIN}/hostname`)'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
fi
echo "HiddenServiceDir /tor/"${FRONTEND_DOMAIN}"/" >> /etc/tor/torrc
echo "HiddenServicePort 443 127.0.0.1:443" >> /etc/tor/torrc
echo "Please restard your container"
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
fi
else
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' \
-e 's|<onion_domain>| |' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
fi
}
@ -171,8 +176,7 @@ f_log INF "Create user 'reverse'"
addgroup -g ${GID} reverse && adduser -H -s /bin/sh -D -G reverse -u ${UID} reverse
f_log INF "Create folder"
mkdir -p /nginx/sites-enabled /nginx /nginx/log /nginx/run /nginx/sites-enabled /nginx/ssl /nginx/ssl/selfsigned/dhparam
mkdir -p /home/reverse/.tor
# Generate file
for container in $(curl --unix-socket /var/run/docker.sock http://localhost/containers/json 2> /dev/null | jq '.[].Names' | sed 's|.*"/\(.*\)"$|\1|;/\[/d;/\]/d'); do
CONTAINER_LABELS=$(curl --unix-socket /var/run/docker.sock http://localhost/containers/${container}/json 2> /dev/null | jq '.Config.Labels' | grep -E "reverse\." | sed 's|.*"\(.*\)": "\(.*\)".*$|\1 \2|')
@ -180,7 +184,7 @@ for container in $(curl --unix-socket /var/run/docker.sock http://localhost/cont
done
f_log INF "Apply permissions"
chown -R reverse:reverse /nginx /etc/s6.d
chown -R reverse:reverse /nginx /etc/s6.d /tor/ /home/reverse/.tor
chmod +x /usr/local/bin/check_certs
find /etc/s6.d -name run -exec chmod +x {} \;
find /etc/s6.d -name finish -exec chmod +x {} \;
@ -190,8 +194,8 @@ f_log SUC "End reverse configuration"
## run s6
if [ $# -gt 0 ]; then
exec su-exec reverse:reverse "$@"
exec su-exec reverse:reverse "$@"
else
exec su-exec reverse:reverse /bin/s6-svscan /etc/s6.d
exec su-exec tor:tor /bin/s6-svscan /etc/s6-tor.d
exec su-exec reverse:reverse /bin/s6-svscan /etc/s6.d
fi