hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity
dockerfiles/reverse
History
Wonderfall ffdc56fb65 Update README.md
2016-05-27 17:35:12 +02:00
..
Dockerfile
reverse: use openssl and chacha patch
2016-05-27 14:31:06 +02:00
nginx.conf
initial commit
2016-04-11 15:59:32 +02:00
ngxpasswd
reverse: re-add ngxpasswd
2016-04-29 19:15:59 +02:00
README.md
Update README.md
2016-05-27 17:35:12 +02:00
run.sh
reverse: su-exec instead of gosu
2016-04-28 20:21:44 +02:00

README.md

wonderfall/reverse

What is this?

It is nginx statically linked against a custom OpenSSL build, with embedded Brotli support. Secured by default (no root processes, even the master one), it should be safe to use...

Features

  • Based on Alpine Linux.
  • nginx built against OpenSSL.
  • OpenSSL : no weak algorithms.
  • OpenSSL : ChaCha20 ciphers support.
  • nginx : HTTP/2 (+NPN) support.
  • nginx : Brotli compression support (and configured).
  • nginx : no root master process.
  • nginx : AIO Threads support.
  • nginx : no unnessary modules.
  • nginx : optimized configuration.

Notes

It is required to chown your certs files with the right uid/pid and change the listen directive to 8000/4430 instead of 80/443. Linux 3.17+, and the latest Docker stable are recommended.

Volumes

  • /sites-enabled : vhosts files (*.conf)
  • /conf.d : additional configuration files
  • /certs : SSL/TLS certificates
  • /var/log/nginx : nginx logs
  • /passwds : authentication files

Build-time variables

  • NGINX_VERSION : version of nginx
  • OPENSSL_VERSION : version of LibreSSL

Environment variables

  • GID : nginx group id (default : 991)
  • UID : nginx user id (default : 991)

How to use it?

https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration