{"id":20901604,"url":"https://github.com/willfarrell/docker-nginx","last_synced_at":"2025-10-03T21:21:35.817Z","repository":{"id":142528718,"uuid":"76667429","full_name":"willfarrell/docker-nginx","owner":"willfarrell","description":"prebuild configs for nginx including letsencrypt bootstrapping","archived":false,"fork":false,"pushed_at":"2018-07-17T02:10:02.000Z","size":59,"stargazers_count":5,"open_issues_count":3,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-01T15:48:03.598Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willfarrell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-12-16T16:14:08.000Z","updated_at":"2019-02-05T11:41:31.000Z","dependencies_parsed_at":null,"dependency_job_id":"4223e044-91e1-4fb7-a6fd-b97a18625a85","html_url":"https://github.com/willfarrell/docker-nginx","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-nginx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-nginx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-nginx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fdocker-nginx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willfarrell","download_url":"https://codeload.github.com/willfarrell/docker-nginx/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253867349,"owners_count":21976209,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T11:36:12.012Z","updated_at":"2025-10-03T21:21:35.748Z","avatar_url":"https://github.com/willfarrell.png","language":"Shell","readme":"# nginx\n\nbase nginx image w/ prebuild nginx confs\n\n## Use\n```Dockerfile\nFROM willfarrell/nginx\n\nCOPY etc/nginx/conf/csp_policies.conf /etc/nginx/conf/\n\nCOPY etc/nginx/conf.d/ /etc/nginx/conf.d/\nCOPY www /var/www\n```\n\n## Testing\n```bash\ndocker build -t base_nginx .\ndocker rm -f base_nginx\ndocker run --name base_nginx -p 80:80 -p 443:443 base_nginx\n```\n\n```bash\ndocker-compose build\ndocker-compose up -d\n```\n\n## letsencrypt\ndocker build --tag letsencrypt letsencrypt\ndocker stop letsencrypt\ndocker rm letsencrypt\n\n# private\ndocker run \\\n    --volumes-from nginx_nginx_1 \\\n    --env-file letsencrypt.env \\\n    willfarrell/letsencrypt \\\n    dehydrated \\\n        --cron --domain certbot.willfarrell.ca \\\n        --hook dehydrated-dns \\\n        --challenge dns-01\n\n# tmp\ndocker run \\\n    --volumes-from nginx_nginx_1 \\\n    --env-file letsencrypt.env \\\n    willfarrell/letsencrypt \\\n    ls /etc/ssl\n\n# public\ndocker run -d \\\n    --volumes-from nginx_nginx_1 \\\n    --env-file letsencrypt.env \\\n    willfarrell/letsencrypt \\\n    dehydrated \\\n        --cron --domain certbot.willfarrell.ca \\\n        --challenge http-01\n\ndocker exec -it nginx_nginx_1 /etc/scripts/make_hpkp\ndocker exec -it nginx_nginx_1 /etc/init.d/nginx reload                                                                          \n\n## ENV\n```bash\n# development: self-signed cert\n# staging: untrusted letsencrypt signed cert\n# production: trusted letsencrypt signed cert\nNGINX_ENV={development,staging,production}\nNGINX_DOMAIN=\n\nCERTBOT_EMAIL=\n#CERTBOT_RENEW_PERIOD=1296000\n\nHPKP_BACKUP_CERT_1=/etc/ssl/certs/COMODO_Certification_Authority.pem\nHPKP_BACKUP_CERT_2=/etc/ssl/certs/GlobalSign_Root_CA.pem\nHPKP_REPORT_URI=https://*****.report-uri.io/r/default/hpkp/enforce\n\nCSP_REPORT_URI=https://*****.report-uri.io/r/default/csp/enforce\n```\n\n## Sample.conf\n```\nserver_tokens off;\n\ninclude\t\tconf/logging.conf;\ninclude\t\tconf/csp_policies.conf;\ninclude\t\tconf/timeout.conf;\ninclude\t\tconf/forcehttps.conf;\n\nproxy_cache_path /tmp/cache keys_zone=microcache:10m levels=1:2 inactive=300s max_size=100m use_temp_path=off;\n\nserver {\n    server_name $host;\n\n    listen 443 ssl http2;\n    listen [::]:443 ssl http2;\n\tinclude\t\tconf/https.ecdsa.conf;\n\n    access_log  /var/log/nginx/access.log logstash_params buffer=256k flush=10s;\n\terror_log\t/var/log/nginx/error.log;\n\n\troot\t\t/var/www;\n\n\tgzip_static on;\n\n    # Custom Error Pages\n\terror_page 504 /504.json;\n    location = /504.json {\n        root /usr/share/nginx/html;\n        internal;\n    }\n\n\tlocation / {\n        include     conf/header/security.conf;\n        include     conf/header/https.conf;\n\t    include\t\tconf/header/cors.conf;\n\n\t    #try_files $uri $uri/index.html =404;\n\t    try_files $uri @rewriteapp;\n    }\n\n    location @rewriteapp {\n        include     conf/header/security.conf;\n        include     conf/header/https.conf;\n\t    include\t    conf/header/cors.conf;\n\t    add_header  X-Request-Id $request_id;\n\t    \n\t    include\t    conf/header/proxy_upgrade.conf;\n\n        include     conf/microcache.conf;\n\n        # Requested here to allow $request_body to get generated\n        access_log        /var/log/nginx/access.log logstash_params buffer=256k flush=10s;\n        proxy_set_header  X-Request-Id $request_id;\n        proxy_pass        http://apigateway;\n\n        # Request Timeout\n        proxy_connect_timeout       120;\n        proxy_send_timeout          120;\n        proxy_read_timeout          120;\n        send_timeout                120;\n    }\n}\n\nupstream apigateway  {\n     keepalive 20;\n     server node:3000 fail_timeout=5s max_fails=5;\n}\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fdocker-nginx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillfarrell%2Fdocker-nginx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fdocker-nginx/lists"}