change name of reverse nginx
This commit is contained in:
parent
a04a58790e
commit
47aba5f054
|
@ -53,5 +53,5 @@ else
|
||||||
f_build_and_push $directory $FORCE_BUILD
|
f_build_and_push $directory $FORCE_BUILD
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
#git push --mirror git@github.com:Dryusdan/Dockerfiles.git
|
git push --mirror git@github.com:Dryusdan/Dockerfiles.git
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
exec tor
|
|
BIN
reverse-proxy/.Dockerfile.swp
Normal file
BIN
reverse-proxy/.Dockerfile.swp
Normal file
Binary file not shown.
|
@ -98,7 +98,7 @@ RUN export BUILD_DEPS="build-base \
|
||||||
COPY rootfs /
|
COPY rootfs /
|
||||||
RUN chmod +x /usr/local/bin/startup /etc/s6.d/*/*
|
RUN chmod +x /usr/local/bin/startup /etc/s6.d/*/*
|
||||||
|
|
||||||
EXPOSE 8080 8443
|
EXPOSE 80 443
|
||||||
|
|
||||||
ENTRYPOINT ["/usr/local/bin/startup"]
|
ENTRYPOINT ["/usr/local/bin/startup"]
|
||||||
CMD ["/bin/s6-svscan", "/etc/s6.d"]
|
CMD ["/bin/s6-svscan", "/etc/s6.d"]
|
3
reverse-proxy/rootfs/etc/s6.d/tor/run
Normal file
3
reverse-proxy/rootfs/etc/s6.d/tor/run
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
#exec tor -f /etc/tor/torrc
|
|
@ -1,5 +1,5 @@
|
||||||
server {
|
server {
|
||||||
listen 8080;
|
listen 80;
|
||||||
server_name <frontend_domain>;
|
server_name <frontend_domain>;
|
||||||
include /nginx/conf.d/headers.conf;
|
include /nginx/conf.d/headers.conf;
|
||||||
include /nginx/path.d/<frontend_domain>/*.conf;
|
include /nginx/path.d/<frontend_domain>/*.conf;
|
|
@ -1,6 +1,6 @@
|
||||||
server {
|
server {
|
||||||
listen 8080;
|
listen 80;
|
||||||
server_name <frontend_domain>;
|
server_name <frontend_domain> <onion_domain>;
|
||||||
|
|
||||||
rewrite ^ https://<frontend_domain>:443$request_uri? permanent;
|
rewrite ^ https://<frontend_domain>:443$request_uri? permanent;
|
||||||
}
|
}
|
||||||
|
@ -8,8 +8,8 @@ server {
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
|
||||||
listen 8443 ssl http2;
|
listen 443 ssl http2;
|
||||||
server_name <frontend_domain>;
|
server_name <frontend_domain> <onion_domain>;
|
||||||
index index.html index.php index.htm;
|
index index.html index.php index.htm;
|
||||||
|
|
||||||
ssl_certificate /nginx/ssl/certificates/<frontend_domain>.crt;
|
ssl_certificate /nginx/ssl/certificates/<frontend_domain>.crt;
|
|
@ -37,15 +37,20 @@ f_gen_sites_enabled() {
|
||||||
fi
|
fi
|
||||||
if [ "${FRONTEND_TOR}" == "true" ]; then
|
if [ "${FRONTEND_TOR}" == "true" ]; then
|
||||||
if [ -d /tor/${FRONTEND_DOMAIN}/ ]; then
|
if [ -d /tor/${FRONTEND_DOMAIN}/ ]; then
|
||||||
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN} $(`cat /tor/${FRONTEND_DOMAIN}/hostname`)'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
ONION_DOMAIN=$(cat /tor/${FRONTEND_DOMAIN}/hostname)
|
||||||
|
echo "HiddenServiceDir /tor/"${FRONTEND_DOMAIN}"/" >> /etc/tor/torrc
|
||||||
|
echo "HiddenServicePort 443 127.0.0.1:443" >> /etc/tor/torrc
|
||||||
|
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' \
|
||||||
|
-e 's|<onion_domain>|'${ONION_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
||||||
else
|
else
|
||||||
echo "HiddenServiceDir /var/lib/tor/"${FRONTEND_DOMAIN}"/" >> /usr/local/etc/tor/torrc
|
echo "HiddenServiceDir /tor/"${FRONTEND_DOMAIN}"/" >> /etc/tor/torrc
|
||||||
echo "HiddenServicePort 443 127.0.0.1:443" >> /usr/local/etc/tor/torrc
|
echo "HiddenServicePort 443 127.0.0.1:443" >> /etc/tor/torrc
|
||||||
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN} $(`cat /tor/${FRONTEND_DOMAIN}/hostname`)'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
echo "Please restard your container"
|
||||||
fi
|
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
sed -e 's|<frontend_domain>|'${FRONTEND_DOMAIN}'|' \
|
||||||
|
-e 's|<onion_domain>| |' ${template_sites} > /nginx/sites-enabled/${FRONTEND_DOMAIN}.conf
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -171,8 +176,7 @@ f_log INF "Create user 'reverse'"
|
||||||
addgroup -g ${GID} reverse && adduser -H -s /bin/sh -D -G reverse -u ${UID} reverse
|
addgroup -g ${GID} reverse && adduser -H -s /bin/sh -D -G reverse -u ${UID} reverse
|
||||||
f_log INF "Create folder"
|
f_log INF "Create folder"
|
||||||
mkdir -p /nginx/sites-enabled /nginx /nginx/log /nginx/run /nginx/sites-enabled /nginx/ssl /nginx/ssl/selfsigned/dhparam
|
mkdir -p /nginx/sites-enabled /nginx /nginx/log /nginx/run /nginx/sites-enabled /nginx/ssl /nginx/ssl/selfsigned/dhparam
|
||||||
|
mkdir -p /home/reverse/.tor
|
||||||
|
|
||||||
# Generate file
|
# Generate file
|
||||||
for container in $(curl --unix-socket /var/run/docker.sock http://localhost/containers/json 2> /dev/null | jq '.[].Names' | sed 's|.*"/\(.*\)"$|\1|;/\[/d;/\]/d'); do
|
for container in $(curl --unix-socket /var/run/docker.sock http://localhost/containers/json 2> /dev/null | jq '.[].Names' | sed 's|.*"/\(.*\)"$|\1|;/\[/d;/\]/d'); do
|
||||||
CONTAINER_LABELS=$(curl --unix-socket /var/run/docker.sock http://localhost/containers/${container}/json 2> /dev/null | jq '.Config.Labels' | grep -E "reverse\." | sed 's|.*"\(.*\)": "\(.*\)".*$|\1 \2|')
|
CONTAINER_LABELS=$(curl --unix-socket /var/run/docker.sock http://localhost/containers/${container}/json 2> /dev/null | jq '.Config.Labels' | grep -E "reverse\." | sed 's|.*"\(.*\)": "\(.*\)".*$|\1 \2|')
|
||||||
|
@ -180,7 +184,7 @@ for container in $(curl --unix-socket /var/run/docker.sock http://localhost/cont
|
||||||
done
|
done
|
||||||
|
|
||||||
f_log INF "Apply permissions"
|
f_log INF "Apply permissions"
|
||||||
chown -R reverse:reverse /nginx /etc/s6.d
|
chown -R reverse:reverse /nginx /etc/s6.d /tor/ /home/reverse/.tor
|
||||||
chmod +x /usr/local/bin/check_certs
|
chmod +x /usr/local/bin/check_certs
|
||||||
find /etc/s6.d -name run -exec chmod +x {} \;
|
find /etc/s6.d -name run -exec chmod +x {} \;
|
||||||
find /etc/s6.d -name finish -exec chmod +x {} \;
|
find /etc/s6.d -name finish -exec chmod +x {} \;
|
||||||
|
@ -193,5 +197,5 @@ if [ $# -gt 0 ]; then
|
||||||
exec su-exec reverse:reverse "$@"
|
exec su-exec reverse:reverse "$@"
|
||||||
else
|
else
|
||||||
exec su-exec reverse:reverse /bin/s6-svscan /etc/s6.d
|
exec su-exec reverse:reverse /bin/s6-svscan /etc/s6.d
|
||||||
exec su-exec tor:tor /bin/s6-svscan /etc/s6-tor.d
|
|
||||||
fi
|
fi
|
||||||
|
|
Reference in a new issue