mirror/ nginx-proxy
1
0
Fork 0
mirror of https://github.com/nginx-proxy/nginx-proxy synced 2024-05-12 02:26:06 +02:00
Code Issues
1,038 Commits 8 Branches 30 Tags 22 MiB
Commit Graph

238 Commits

Author SHA1 Message Date
Nicolas Duchon b382d0bbb6
Merge pull request #2250 from SaturnIC-Forks/main 
fix: Replace mDNS .local domain with .internal domain
 2023-05-30 07:28:13 +02:00
Nicolas Duchon edb58755c9
docs: nginx badge 1.25.0 2023-05-30 07:09:23 +02:00
SaturnIC 13eb61a639 fix: Replace mDNS .local domain with .example domain 
See RFC 6762 for details on mDNS .local domain: https://datatracker.ietf.org/doc/html/rfc6762
And RFC 6761 for details on .example domain: https://datatracker.ietf.org/doc/html/rfc6761
 2023-05-23 09:43:30 +02:00
Nicolas Duchon 130fd908fb
docs: update nginx version badge 2023-03-30 20:58:56 +02:00
Richard Hansen 9297e94389
fix: Emit TLS error if there are no certs available 
Before, if neither the vhost-specific cert nor `default.crt` existed,
nginx-proxy would not create the https vhost.  This resulted in nginx
either refusing the connection or serving the wrong vhost depending on
whether there was another https vhost with a certificate.

Now nginx-proxy always creates an https server for a vhost, even if
the vhost-specific certificate and the default certificate are both
missing.  When both certs are missing, nginx is given empty
certificate data to make it possible for it to start up without an
error.  The empty certificate data causes the user to see a TLS error,
which is much easier to troubleshoot than a connection refused error
or serving the wrong vhost.
 2023-02-02 22:02:06 -05:00
Niek 7ca1da8358
feat: Add support for HTTP load balancing between the proxy and upstream server groups (#2173) 
Add initial tests

Newlines

Remove unused variable

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

Change comment value

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

add missing services line

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

Use deploy.replicas

Remove details about choosing a load balancing method

Feedback note

Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com>
 2023-03-21 07:49:27 +01:00
Richard Hansen 49bb37dfdb feat: Add support for HTTP keep-alive between the proxy and upstream 2023-03-14 04:20:17 -04:00
Richard Hansen 2115974e93 feat: Add ability to completely override location blocks 
Co-authored-by: Trent Harvey <trent@harvdog.net>
 2023-01-31 04:53:12 -05:00
Vincent Herlemont aa50116272 Documentation custom log format. 2023-01-27 23:16:49 +01:00
Richard Hansen f8ae0a4b00 feat: `DEFAULT_ROOT=none` disables the default `location /` block 2023-01-23 20:47:00 -05:00
Richard Hansen 8fbc8514ef feat: Unconditionally produce debug comments 
Rationale for eliminating the check to see if the `DEBUG` environment
variable holds a true value:
  * The `DEBUG` environment variable might be set on a container (for
    purposes specific to that container, not `nginx-proxy`) to a value
    that cannot be parsed as a bool, which would break `nginx-proxy`.
  * It simplifies the template.
  * It eliminates a cold code path.
  * It avoids heisenbugs.
  * It makes debugging easier for users.

Also delete the debug info tests, as they are fragile and they provide
limited value.

Alternatively, we could avoid collision with the container's use of
the `DEBUG` environment variable by using a container label [1] such
as `com.google.nginx-proxy.nginx-proxy.debug`.  I think doing so has
dubious value, especially if we want to attempt backwards
compatibility with the `DEBUG` environment variable.

Fixes #2139

[1] https://docs.docker.com/engine/reference/commandline/run/#-set-metadata-on-container--l---label---label-file

Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com>
 2023-01-18 17:27:04 -05:00
浊酒 af877cf784 feat: Add proxy header `X-Forwarded-Host` 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2022-12-26 17:59:50 -05:00
Nicolas Duchon 6f4f9ec20c
Merge pull request #1927 from rhansen/untrusted-headers 
feat: Option to not trust `X-Forwarded-*` headers from clients
 2022-12-26 20:47:05 +01:00
Nicolas Duchon ee0d68c34e
docs: nginx badge 1.23.2 -> 1.23.3 2022-12-23 19:42:48 +01:00
Richard Hansen 8aa00fcea2 feat: Option to not trust `X-Forwarded-*` headers from clients 
If header values from a malicious client are passed to the backend
server unchecked and unchanged, the client may be able to subvert
security checks done by the backend server.
 2022-12-19 02:48:01 -05:00
Richard Hansen 5f15f04556 docs: Document the request headers sent to the backend server 2022-12-19 02:48:01 -05:00
Richard Hansen 9cb21132a4 docs: Sync README.md with default proxy.conf settings 2022-12-19 02:48:01 -05:00
Nicolas Duchon 050d9da7bd
docs: nginx badge 1.21.6 -> 1.23.2 2022-12-01 23:24:53 +01:00
Valère BRON 9218caef71
Simple mistake in DEFAULT_ROOT variable name 
`DEFAUL_ROOT` should be `DEFAULT_ROOT`
 2022-08-23 12:45:45 +02:00
Nicolas Duchon fee27ea712
docs: nginx badge 1.21.5 -> 1.21.6 2022-02-24 16:43:45 +01:00
Nicolas Duchon 12887a977b
docs: update DEFAULT_ROOT documentation 
Co-authored-by: Jonathan Underwood <junderwood@bitcoinbank.co.jp>
 2022-02-24 15:08:17 +01:00
Nicolas Duchon c75622db87
docs: fix typo in README.md 
Co-authored-by: Jonathan Underwood <junderwood@bitcoinbank.co.jp>
 2022-02-24 15:08:17 +01:00
Alexander Lieret 33eab70d32
feat: Add custom location block to virtual paths 
This features allows the custom location blocks to be added to the
virtual path based routing. The custom config can be specified for each
container individually.
 2022-02-24 15:08:17 +01:00
Alexander Lieret 4b85e95824
feat: Replace path stripping with variable 
This commit removes the automatic path stripping and replaces it with a
user configurable environment variable. This can be set individually for
each container.
 2022-02-24 15:08:17 +01:00
Alexander Lieret 9df330e51e
feat: Add user customizable default root response 2022-02-24 15:08:15 +01:00
Rafael Kraut dad4a2d7bf
docs: remove unnecessary word 2022-02-24 15:07:49 +01:00
Greg Symons e0e1732842
docs: Add documentation for path-based routing 
Co-authored-by: Josh Trow <josh.trow@gmail.com>
Co-authored-by: Adrian <WolfspiritM@users.noreply.github.com>
Co-authored-by: Rodrigo Aguilera <hi@rodrigoaguilera.net>
Co-authored-by: Alexander Lieret <alexander.lieret@fau.de>
 2022-02-24 15:07:02 +01:00
Nicolas Duchon 3670d39b71
docs: xip.io -> nip.io 2022-02-15 11:12:52 +01:00
Nicolas Duchon 4c622708bd
Merge pull request #1888 from nathanweeks/patch-1 
Fix path to default.conf in README.md
 2022-02-14 16:19:33 +01:00
Nicolas Duchon 15e33a3de5
docs: suggest alternatives to xip.io 
Fixes #1887
 2022-02-14 16:18:25 +01:00
Nathan Weeks 098e551c35
Fix path to default.conf in README.md 2022-02-14 07:42:46 -05:00
Nicolas Duchon fde0e809e4
chore: jwilder/docker-gen > nginx-proxy/docker-gen 2022-01-11 19:55:29 +01:00
Nicolas Duchon 53ef90a2f6
docs: nginx badge 1.21.4 -> 1.21.5 2022-01-06 17:12:36 +01:00
Nicolas Duchon 8c909e7d11
build: nginx 1.21.3 -> 1.21.4 2021-12-15 11:53:37 +01:00
HPPinata bbdee361f1
Clarify grammar in DH-GROUP section 
Since the second option got removed, the "either" makes no sense any more and may lead to confusion about non existent alternatives
 2021-11-04 21:45:10 +01:00
Nicolas Duchon ab7ac0aadb
fix: backward compatibility w/ DHPARAM_GENERATION 
Also use true rather than 1 to stay consistent
with other boolean environment variables
 2021-10-20 19:15:27 +02:00
polarathene 1d2f308cdf feat: Bring back ability to skip default DH params 
Adds back the ability to avoid using DH params, provided no file was explicitly supplied.

This used to be `DHPARAM_GENERATION=false`, the equivalent is now `DHPARAM_SKIP=1` (default 0). Previous name was no longer appropriate.

Ensures that if a user has explicitly provided their own dhparam file to still output a warning instead of the skip message, since `DHPARAM_SKIP=1` doesn't disable the support in nginx.
 2021-09-28 21:59:53 +13:00
polarathene ac066a73e4 feat: Replace generated DH params with RFC 7919 standardized DHE groups 
- While the anonymous VOLUME can be dropped from Dockerfile, the path needs to be valid at run-time, might as well ensure it's available by creating the dhparam folder at build.

- Generation logic no longer necessary, dropped. 

- Standardized RFC 7919 groups added (2048, 3072, 4096), with 4096-bit remaining the default size. The DH logic can live in the entrypoint script as well. 

- Third-party supplied pre-generated DH params removed as they're not considered trustworthy compared to RFC 7919 groups.
 2021-09-28 21:30:02 +13:00
kevinnls dc9876b6c2
fix anchor 2021-09-10 19:27:33 +05:30
Nahin Khan 7dfee13b56
Update README.md 2021-08-30 06:44:52 +03:00
Nicolas Duchon a33af34361
docs: predictable vs SHA1 upstream names 2021-08-19 11:41:30 +02:00
Nicolas Duchon ded3cfc168
docs: don't prefix copy pastable commands with $ 
+ other small markdown fixes
 2021-08-17 11:29:21 +02:00
Nicolas Duchon eb3bb2ab07
docs: fix line feeds 2021-08-17 11:13:31 +02:00
Nicolas Duchon 785141c7a0
docs: update nginx version badge to 1.21.1 (typo) 2021-07-09 08:13:06 +02:00
Nicolas Duchon d61f25ed3e
docs: update nginx version badge to 1.21.1 2021-07-09 08:12:06 +02:00
Nicolas Duchon 54347a9787
docs: precision about ports in VIRTUAL_HOST 2021-06-20 17:51:09 +02:00
Nicolas Duchon 84ae835582
docs: fix markdown link error 2021-06-15 00:51:00 +02:00
John Stucklen fa8b0d7bad
fix: HTTPS redirection with custom HTTPS port 2021-06-15 00:33:06 +02:00
Nicolas Duchon d1cf6b57d7
docs: custom external HTTP/HTTPS ports 2021-06-15 00:00:50 +02:00
Nicolas Duchon b9e301d769
docs: update nginx version badge 2021-06-14 15:17:23 +02:00