nginx-proxy

mirror of https://github.com/nginx-proxy/nginx-proxy synced 2024-05-28 18:36:24 +02:00

Author	SHA1	Message	Date
Nicolas Duchon	ab7ac0aadb	fix: backward compatibility w/ DHPARAM_GENERATION Also use true rather than 1 to stay consistent with other boolean environment variables	2021-10-20 19:15:27 +02:00
polarathene	1d2f308cdf	feat: Bring back ability to skip default DH params Adds back the ability to avoid using DH params, provided no file was explicitly supplied. This used to be `DHPARAM_GENERATION=false`, the equivalent is now `DHPARAM_SKIP=1` (default 0). Previous name was no longer appropriate. Ensures that if a user has explicitly provided their own dhparam file to still output a warning instead of the skip message, since `DHPARAM_SKIP=1` doesn't disable the support in nginx.	2021-09-28 21:59:53 +13:00
polarathene	004e4a5cda	chore: Refactor `_setup_dh()` - `DHPARAM_FILE` is a local var not intended for overriding via ENV. Clarified that with `local` declaration. - `FFDHE_GROUP` var uses default assignment (_`:=4096` instead of only substitute `:-4096`_), so that `DHPARAM_BITS` retains the default 4096 value in subsequent references if no custom size was provided. - Refactored the conditional statements to only handle early failure conditions. Shifting out the RFC7919 support that can run after all checks have passed. - Revised comments.	2021-09-28 21:50:11 +13:00
polarathene	a7a2d6e44b	chore: Use direct URL instead of URL shortener Implicit URL is unnecessary (_and presently relies on Github redirecting from it's original mapped URL_). Use an explicit URL instead to reduce the guesswork/trust of where the shortener was going to redirect to.	2021-09-28 21:50:11 +13:00
polarathene	6f7eb8bd97	chore: 6/6 - Update shell syntax - `==` for string equality since we're using bash `[[ test ]]` already. - Uppercase `socket_file` variable to be consistent with other internal variables used in the script. - Convert `[ test ]` to `[[ test ]]` for consistency, improving maintenance. Double-bracket (_not posix compatible_) does not require quoted variables, ShellCheck lint knows this is safe too :) - `-z` test for `$RESOLVERS` is native syntax to check for empty string value. - Referenced variables should generally be wrapped like so `"${VAR}"`. - Variable assignments with string values should be double quotes for content with variables, otherwise use single quotes (_no interpolation_). - Converted my if statements to use the same style used in the rest of the file.	2021-09-28 21:50:11 +13:00
polarathene	0f330b85b1	chore: 5/6 - Shift dhparam method to the bottom Minor change on error message.	2021-09-28 21:50:11 +13:00
polarathene	ed009c0ec8	chore: 4/6 - Extract grouped logic to their own methods	2021-09-28 21:50:11 +13:00
polarathene	091dd855af	chore: 3/6 - Indent function content This is a white-space only change to ease review diff noise.	2021-09-28 21:50:11 +13:00
polarathene	2e6d7561a3	chore: 2/6 - Handle CMD check early, wrap init logic into a function	2021-09-28 21:50:11 +13:00
polarathene	8aacd13241	chore: 1/6 - Inline failure at it's cause This change has been split into 6 iterative parts/commits to ease the review process.	2021-09-28 21:50:11 +13:00
polarathene	ac066a73e4	feat: Replace generated DH params with RFC 7919 standardized DHE groups - While the anonymous VOLUME can be dropped from Dockerfile, the path needs to be valid at run-time, might as well ensure it's available by creating the dhparam folder at build. - Generation logic no longer necessary, dropped. - Standardized RFC 7919 groups added (2048, 3072, 4096), with 4096-bit remaining the default size. The DH logic can live in the entrypoint script as well. - Third-party supplied pre-generated DH params removed as they're not considered trustworthy compared to RFC 7919 groups.	2021-09-28 21:30:02 +13:00
Nicolas Duchon	65a88a0291	Merge branch 'main' into remove_scoped	2021-04-29 22:36:01 +02:00
Nicolas Duchon	ab81ff8df2	style: linting with shellcheck	2021-04-29 03:18:40 +02:00
Nicolas Duchon	c327496495	refactor: do not pass unused positional arguments	2021-04-29 03:18:04 +02:00
Nicolas Duchon	fcfe17a0a4	Merge pull request #1538 from S0obi/patch-1 Update docker-entrypoint.sh comment on DHPARAM default key size	2021-04-02 01:49:36 +02:00
Nicolas Duchon	ad7c02570b	chore: use nginxproxy's DockerHub registry Transitioning away from jwilder/nginx-proxy Please see #1304 for more details	2021-04-01 16:06:09 +02:00
Joe Polny	2bde43c6e9	remove scoped ipv6 resolvers	2021-02-05 19:56:56 +00:00
Thibault Soubiran	aba100ff7b	Update docker-entrypoint.sh Default key size is not 2048 anymore but 4096, reference : https://github.com/nginx-proxy/nginx-proxy/blob/master/generate-dhparam.sh#L4	2020-12-02 13:18:32 +01:00
Jason Wilder	8c590fc68f	Merge pull request #913 from panteparak/DH-Param-Generator-Option Add DH param generator option	2019-03-05 12:46:49 -07:00
Steve Kamerman	5d503b48cb	Added support for IPv6 DNS servers in resolver generation (issue #938 )	2017-10-19 20:58:34 -04:00
Pan Teparak	31d2ed172b	Change ENV variable from GENERATE_DHPARAM to DHPARAM_GENERATION	2017-09-24 15:13:24 +07:00
Pan Teparak	4b22ccdc81	Add ability to opt-out dh param auto generation	2017-08-27 04:40:35 +07:00
Teoh Han Hui	065dd7f1ea	Fix build	2017-07-31 17:46:58 +08:00
Steve Kamerman	0cc71fad49	Add dynamically-computed DNS resolvers to nginx (for PR #574 )	2017-07-31 17:44:27 +08:00
Steve Kamerman	7d253dd0f3	Allow passing DHPARAM_BITS via env, lower bits to 256 for unit tests	2017-01-12 14:55:25 -05:00
Steve Kamerman	dfdd67f5a4	Implemented background dhparam generation	2017-01-11 22:43:09 -05:00
Mike Dillon	f95ff82ad0	Adjust entrypoint to always warn on missing socket Also chmod the entrypoint	2015-09-12 07:23:36 -07:00
Thomas LEVEIL	1aac996019	conform to Docker official images best practices https://github.com/docker-library/official-images/blob/master/README.md#consistency	2015-09-12 10:37:21 +00:00
Thomas LEVEIL	d83ba3da1e	refuse to start if the docker sock isn't available	2015-09-11 23:42:44 +00:00

29 Commits