Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/master' into merge_upstream

Browse source
This commit is contained in:
R0Wi 2021-04-03 08:27:55 +02:00
commit 0a9ddf8b70
No known key found for this signature in database
GPG key ID: 35D381829B5DF829
44 changed files with 307 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,11 @@
version: 2
updates:
# Maintain dependencies for Docker
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
labels:
- "area/chore"
- "area/dockerfile"

17
.github/workflows/docker_push.yml vendored
View file

@ -14,10 +14,23 @@ jobs:
steps:
- name: Check out the repo
uses: actions/checkout@v2
- name: Push to Docker Hub
uses: docker/build-push-action@v1
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Push debian image to Docker Hub
uses: docker/build-push-action@v2
with:
file: Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
repository: seitenwerke/nginx-proxy
tag_with_ref: true

90
.github/workflows/dockerhub.yml vendored Normal file
View file

@ -0,0 +1,90 @@
name: DockerHub
on:
workflow_dispatch:
push:
branches:
- master
tags:
- '*.*.*'
paths-ignore:
- 'test/*'
- '.gitignore'
- '.travis.yml'
- 'docker-compose-separate-containers.yml'
- 'docker-compose.yml'
- 'LICENSE'
- 'Makefile'
- '*.md'
jobs:
multiarch-build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Get Docker tags for Debian based image
id: docker_meta_debian
uses: crazy-max/ghaction-docker-meta@v2
with:
images: |
nginxproxy/nginx-proxy
jwilder/nginx-proxy
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
- name: Get Docker tags for Alpine based image
id: docker_meta_alpine
uses: crazy-max/ghaction-docker-meta@v2
with:
images: |
nginxproxy/nginx-proxy
jwilder/nginx-proxy
tags: |
type=semver,suffix=-alpine,pattern={{version}}
type=semver,suffix=-alpine,pattern={{major}}.{{minor}}
type=raw,value=alpine,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
flavor: latest=false
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push the Debian based image
id: docker_build_debian
uses: docker/build-push-action@v2
with:
file: Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: true
tags: ${{ steps.docker_meta_debian.outputs.tags }}
labels: ${{ steps.docker_meta_debian.outputs.labels }}
- name: Build and push the Alpine based image
id: docker_build_alpine
uses: docker/build-push-action@v2
with:
file: Dockerfile.alpine
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: true
tags: ${{ steps.docker_meta_alpine.outputs.tags }}
labels: ${{ steps.docker_meta_alpine.outputs.labels }}
- name: Images digests
run: |
echo ${{ steps.docker_build_debian.outputs.digest }}
echo ${{ steps.docker_build_alpine.outputs.digest }}

58
Dockerfile
View file

@ -1,3 +1,46 @@
# setup build arguments for version of dependencies to use
ARG DOCKER_GEN_VERSION=0.7.4
ARG FOREGO_VERSION=0.16.1
# Use a specific version of golang to build both binaries
FROM golang:1.15.10 as gobuilder
# Build docker-gen from scratch
FROM gobuilder as dockergen
# Download the sources for the given version
ARG DOCKER_GEN_VERSION
ADD https://github.com/jwilder/docker-gen/archive/${DOCKER_GEN_VERSION}.tar.gz sources.tar.gz
# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
mkdir -p /go/src/github.com/jwilder/ && \
mv docker-gen-* /go/src/github.com/jwilder/docker-gen
# Install the dependencies and make the docker-gen executable
WORKDIR /go/src/github.com/jwilder/docker-gen
RUN go get -v ./... && \
CGO_ENABLED=0 GOOS=linux go build -ldflags "-X main.buildVersion=${DOCKER_GEN_VERSION}" ./cmd/docker-gen
# Build forego from scratch
# Because this relies on golang workspaces, we need to use go < 1.8.
FROM gobuilder as forego
# Download the sources for the given version
ARG FOREGO_VERSION
ADD https://github.com/jwilder/forego/archive/v${FOREGO_VERSION}.tar.gz sources.tar.gz
# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
mkdir -p /go/src/github.com/ddollar/ && \
mv forego-* /go/src/github.com/ddollar/forego
# Install the dependencies and make the forego executable
WORKDIR /go/src/github.com/ddollar/forego/
RUN go get -v ./... && \
CGO_ENABLED=0 GOOS=linux go build -o forego .
# Build the final image
FROM nginx:1.19.3
LABEL maintainer="Jason Wilder mail@jasonwilder.com"
@ -14,15 +57,14 @@ RUN apt-get update \
RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
&& sed -i 's/worker_processes 1/worker_processes auto/' /etc/nginx/nginx.conf
# Install Forego
ADD https://github.com/jwilder/forego/releases/download/v0.16.1/forego /usr/local/bin/forego
RUN chmod u+x /usr/local/bin/forego
# Install Forego + docker-gen
COPY --from=forego /go/src/github.com/ddollar/forego/forego /usr/local/bin/forego
COPY --from=dockergen /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/docker-gen
ENV DOCKER_GEN_VERSION 0.7.4
RUN wget https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
&& tar -C /usr/local/bin -xvzf docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
&& rm /docker-gen-linux-amd64-$DOCKER_GEN_VERSION.tar.gz
# Add DOCKER_GEN_VERSION environment variable
# Because some external projects rely on it
ARG DOCKER_GEN_VERSION
ENV DOCKER_GEN_VERSION=${DOCKER_GEN_VERSION}
COPY network_internal.conf /etc/nginx/

59
Dockerfile.alpine
View file

@ -1,3 +1,47 @@
# setup build arguments for version of dependencies to use
ARG DOCKER_GEN_VERSION=0.7.4
ARG FOREGO_VERSION=0.16.1
# Use a specific version of golang to build both binaries
FROM golang:1.15.10-alpine as gobuilder
RUN apk add --no-cache git
# Build docker-gen from scratch
FROM gobuilder as dockergen
# Download the sources for the given version
ARG DOCKER_GEN_VERSION
ADD https://github.com/jwilder/docker-gen/archive/${DOCKER_GEN_VERSION}.tar.gz sources.tar.gz
# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
mkdir -p /go/src/github.com/jwilder/ && \
mv docker-gen-* /go/src/github.com/jwilder/docker-gen
# Install the dependencies and make the docker-gen executable
WORKDIR /go/src/github.com/jwilder/docker-gen
RUN go get -v ./... && \
CGO_ENABLED=0 GOOS=linux go build -ldflags "-X main.buildVersion=${DOCKER_GEN_VERSION}" ./cmd/docker-gen
# Build forego from scratch
# Because this relies on golang workspaces, we need to use go < 1.8.
FROM gobuilder as forego
# Download the sources for the given version
ARG FOREGO_VERSION
ADD https://github.com/jwilder/forego/archive/v${FOREGO_VERSION}.tar.gz sources.tar.gz
# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
mkdir -p /go/src/github.com/ddollar/ && \
mv forego-* /go/src/github.com/ddollar/forego
# Install the dependencies and make the forego executable
WORKDIR /go/src/github.com/ddollar/forego/
RUN go get -v ./... && \
CGO_ENABLED=0 GOOS=linux go build -o forego .
# Build the final image
FROM nginx:1.19.3-alpine
LABEL maintainer="Jason Wilder mail@jasonwilder.com"
@ -11,15 +55,14 @@ RUN apk add --no-cache --virtual .run-deps \
RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
&& sed -i 's/worker_processes 1/worker_processes auto/' /etc/nginx/nginx.conf
# Install Forego
ADD https://github.com/jwilder/forego/releases/download/v0.16.1/forego /usr/local/bin/forego
RUN chmod u+x /usr/local/bin/forego
# Install Forego + docker-gen
COPY --from=forego /go/src/github.com/ddollar/forego/forego /usr/local/bin/forego
COPY --from=dockergen /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/docker-gen
ENV DOCKER_GEN_VERSION 0.7.4
RUN wget --quiet https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
&& tar -C /usr/local/bin -xvzf docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz \
&& rm /docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz
# Add DOCKER_GEN_VERSION environment variable
# Because some external projects rely on it
ARG DOCKER_GEN_VERSION
ENV DOCKER_GEN_VERSION=${DOCKER_GEN_VERSION}
COPY network_internal.conf /etc/nginx/

4
Makefile
View file

@ -6,11 +6,11 @@ update-dependencies:
test/requirements/build.sh
test-debian: update-dependencies
docker build -t jwilder/nginx-proxy:test .
docker build -t nginxproxy/nginx-proxy:test .
test/pytest.sh
test-alpine: update-dependencies
docker build -f Dockerfile.alpine -t jwilder/nginx-proxy:test .
docker build -f Dockerfile.alpine -t nginxproxy/nginx-proxy:test .
test/pytest.sh
test: test-debian test-alpine

60
README.md
View file

@ -1,9 +1,13 @@
# Seitenwerke nginx-proxy fork
[![Docker Image Version (latest semver)](https://img.shields.io/docker/v/seitenwerke/nginx-proxy?label=docker%20version&sort=semver)](https://hub.docker.com/repository/docker/seitenwerke/nginx-proxy) ![Publish Docker image](https://github.com/seitenwerke/seitenwerke-nginx-proxy/workflows/Publish%20Docker%20image/badge.svg?branch=master) ![Test](https://github.com/seitenwerke/seitenwerke-nginx-proxy/workflows/Test/badge.svg)
## Push a new version
To push a new version to docker hub just create a new tag like `v1.0.1`. Github actions will then create a new container image and push
it to the docker hub automatically. See `.github/workflows/docker_push.yml` for details.
# Original Readme
![latest 0.7.0](https://img.shields.io/badge/latest-0.7.0-green.svg?style=flat)
![nginx 1.19.3](https://img.shields.io/badge/nginx-1.19.3-brightgreen.svg) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg) [![Build Status](https://travis-ci.org/jwilder/nginx-proxy.svg?branch=master)](https://travis-ci.org/jwilder/nginx-proxy) [![](https://img.shields.io/docker/stars/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub') [![](https://img.shields.io/docker/pulls/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/jwilder/nginx-proxy 'DockerHub')
![latest 0.8.0](https://img.shields.io/badge/latest-0.8.0-green.svg?style=flat)
![nginx 1.19.3](https://img.shields.io/badge/nginx-1.19.3-brightgreen.svg) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg) [![Build Status](https://travis-ci.org/jwilder/nginx-proxy.svg?branch=master)](https://travis-ci.org/jwilder/nginx-proxy) [![](https://img.shields.io/docker/stars/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/nginxproxy/nginx-proxy 'DockerHub') [![](https://img.shields.io/docker/pulls/jwilder/nginx-proxy.svg)](https://hub.docker.com/r/nginxproxy/nginx-proxy 'DockerHub')
nginx-proxy sets up a container running nginx and [docker-gen][1]. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.
@ -14,7 +18,7 @@ See [Automated Nginx Reverse Proxy for Docker][2] for why you might want to use
To run it:
$ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
Then start any containers you want proxied with an env var `VIRTUAL_HOST=subdomain.youdomain.com`
@ -28,17 +32,17 @@ Provided your DNS is setup to forward foo.bar.com to the host running nginx-prox
The nginx-proxy images are available in two flavors.
#### jwilder/nginx-proxy:latest
#### nginxproxy/nginx-proxy:latest
This image uses the debian:jessie based nginx image.
This image uses the debian:buster based nginx image.
$ docker pull jwilder/nginx-proxy:latest
$ docker pull nginxproxy/nginx-proxy:latest
#### jwilder/nginx-proxy:alpine
#### nginxproxy/nginx-proxy:alpine
This image is based on the nginx:alpine image. Use this image to fully support HTTP/2 (including ALPN required by recent Chrome versions). A valid certificate is required as well (see eg. below "SSL Support using letsencrypt" for more info).
$ docker pull jwilder/nginx-proxy:alpine
$ docker pull nginxproxy/nginx-proxy:alpine
### Docker Compose
@ -47,7 +51,7 @@ version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy
image: nginxproxy/nginx-proxy
ports:
- "80:80"
volumes:
@ -69,7 +73,7 @@ I'm 5b129ab83266
You can activate the IPv6 support for the nginx-proxy container by passing the value `true` to the `ENABLE_IPV6` environment variable:
$ docker run -d -p 80:80 -e ENABLE_IPV6=true -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -e ENABLE_IPV6=true -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
### Multiple Ports
@ -94,7 +98,7 @@ If you want your `nginx-proxy` container to be attached to a different network,
```console
$ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro \
--name my-nginx-proxy --net my-network jwilder/nginx-proxy
--name my-nginx-proxy --net my-network nginxproxy/nginx-proxy
$ docker network connect my-other-network my-nginx-proxy
```
@ -146,7 +150,7 @@ If you use fastcgi,you can set `VIRTUAL_ROOT=xxx` for your root directory
To set the default host for nginx use the env var `DEFAULT_HOST=foo.bar.com` for example
$ docker run -d -p 80:80 -e DEFAULT_HOST=foo.bar.com -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -e DEFAULT_HOST=foo.bar.com -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
### Separate Containers
@ -164,7 +168,7 @@ $ curl -H "Host: whoami.local" localhost
I'm 5b129ab83266
```
To run nginx proxy as a separate container you'll need to have [nginx.tmpl](https://github.com/jwilder/nginx-proxy/blob/master/nginx.tmpl) on your host system.
To run nginx proxy as a separate container you'll need to have [nginx.tmpl](https://github.com/nginx-proxy/nginx-proxy/blob/master/nginx.tmpl) on your host system.
First start nginx with a volume:
@ -185,7 +189,7 @@ Finally, start your containers with `VIRTUAL_HOST` environment variables.
$ docker run -e VIRTUAL_HOST=foo.bar.com ...
### SSL Support using letsencrypt
[letsencrypt-nginx-proxy-companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) is a lightweight companion container for the nginx-proxy. It allows the creation/renewal of Let's Encrypt certificates automatically.
[letsencrypt-nginx-proxy-companion](https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion) is a lightweight companion container for the nginx-proxy. It allows the creation/renewal of Let's Encrypt certificates automatically.
Set `DHPARAM_GENERATION` environment variable to `false` to disabled Diffie-Hellman parameters completely. This will also ignore auto-generation made by `nginx-proxy`.
The default value is `true`
@ -198,7 +202,7 @@ certificates or optionally specifying a cert name (for SNI) as an environment va
To enable SSL:
$ docker run -d -p 80:80 -p 443:443 -v /path/to/certs:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -p 443:443 -v /path/to/certs:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
The contents of `/path/to/certs` should contain the certificates and private keys for any virtual
hosts in use. The certificate and keys should be named after the virtual host with a `.crt` and
@ -222,7 +226,7 @@ at startup. Since it can take minutes to generate a new `dhparam.pem`, it is do
background. Once generation is complete, the `dhparam.pem` is saved on a persistent volume and nginx
is reloaded. This generation process only occurs the first time you start `nginx-proxy`.
> COMPATIBILITY WARNING: The default generated `dhparam.pem` key is 2048 bits for A+ security. Some
> COMPATIBILITY WARNING: The default generated `dhparam.pem` key is 4096 bits for A+ security. Some
> older clients (like Java 6 and 7) do not support DH keys with over 1024 bits. In order to support these
> clients, you must either provide your own `dhparam.pem`, or tell `nginx-proxy` to generate a 1024-bit
> key on startup by passing `-e DHPARAM_BITS=1024`.
@ -230,7 +234,7 @@ is reloaded. This generation process only occurs the first time you start `ngin
In the separate container setup, no pregenerated key will be available and neither the
[jwilder/docker-gen](https://hub.docker.com/r/jwilder/docker-gen) image nor the offical
[nginx](https://registry.hub.docker.com/_/nginx/) image will generate one. If you still want A+ security
in a separate container setup, you'll have to generate a 2048 bits DH key file manually and mount it on the
in a separate container setup, you'll have to generate a 2048 or 4096 bits DH key file manually and mount it on the
nginx container, at `/etc/nginx/dhparam/dhparam.pem`.
#### Wildcard Certificates
@ -272,7 +276,7 @@ and the [AWS ELB Security Policies](https://docs.aws.amazon.com/elasticloadbalan
`AWS-TLS-1-2-2017-01`, `AWS-TLS-1-1-2017-01`, `AWS-2016-08`, `AWS-2015-05`, `AWS-2015-03` and `AWS-2015-02`.
Note that the `Mozilla-Old` policy should use a 1024 bits DH key for compatibility but this container generates
a 2048 bits key. The [Diffie-Hellman Groups](#diffie-hellman-groups) section details different methods of bypassing
a 4096 bits key. The [Diffie-Hellman Groups](#diffie-hellman-groups) section details different methods of bypassing
this, either globally or per virtual-host.
The default behavior for the proxy when port 80 and 443 are exposed is as follows:
@ -313,7 +317,7 @@ $ docker run -d -p 80:80 -p 443:443 \
-v /path/to/htpasswd:/etc/nginx/htpasswd \
-v /path/to/certs:/etc/nginx/certs \
-v /var/run/docker.sock:/tmp/docker.sock:ro \
jwilder/nginx-proxy
nginxproxy/nginx-proxy
```
You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
@ -355,7 +359,7 @@ To add settings on a proxy-wide basis, add your configuration file under `/etc/n
This can be done in a derived image by creating the file in a `RUN` command or by `COPY`ing the file into `conf.d`:
```Dockerfile
FROM jwilder/nginx-proxy
FROM nginxproxy/nginx-proxy
RUN { \
echo 'server_tokens off;'; \
echo 'client_max_body_size 100m;'; \
@ -364,7 +368,7 @@ RUN { \
Or it can be done by mounting in your custom configuration in your `docker run` command:
$ docker run -d -p 80:80 -p 443:443 -v /path/to/my_proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -p 443:443 -v /path/to/my_proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
#### Per-VIRTUAL_HOST
@ -374,7 +378,7 @@ In order to allow virtual hosts to be dynamically configured as backends are add
For example, if you have a virtual host named `app.example.com`, you could provide a custom configuration for that host as follows:
$ docker run -d -p 80:80 -p 443:443 -v /path/to/vhost.d:/etc/nginx/vhost.d:ro -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -p 443:443 -v /path/to/vhost.d:/etc/nginx/vhost.d:ro -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
$ { echo 'server_tokens off;'; echo 'client_max_body_size 100m;'; } > /path/to/vhost.d/app.example.com
If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=example.com,www.example.com`), the virtual host configuration file must exist for each hostname. If you would like to use the same configuration for multiple virtual host names, you can use a symlink:
@ -394,7 +398,7 @@ just like the previous section except with the suffix `_location`.
For example, if you have a virtual host named `app.example.com` and you have configured a proxy_cache `my-cache` in another custom file, you could tell it to use a proxy cache as follows:
$ docker run -d -p 80:80 -p 443:443 -v /path/to/vhost.d:/etc/nginx/vhost.d:ro -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
$ docker run -d -p 80:80 -p 443:443 -v /path/to/vhost.d:/etc/nginx/vhost.d:ro -v /var/run/docker.sock:/tmp/docker.sock:ro nginxproxy/nginx-proxy
$ { echo 'proxy_cache my-cache;'; echo 'proxy_cache_valid 200 302 60m;'; echo 'proxy_cache_valid 404 1m;' } > /path/to/vhost.d/app.example.com_location
If you are using multiple hostnames for a single container (e.g. `VIRTUAL_HOST=example.com,www.example.com`), the virtual host configuration file must exist for each hostname. If you would like to use the same configuration for multiple virtual host names, you can use a symlink:
@ -413,15 +417,15 @@ Before submitting pull requests or issues, please check github to make sure an e
#### Running Tests Locally
To run tests, you need to prepare the docker image to test which must be tagged `jwilder/nginx-proxy:test`:
To run tests, you need to prepare the docker image to test which must be tagged `nginxproxy/nginx-proxy:test`:
docker build -t jwilder/nginx-proxy:test . # build the Debian variant image
docker build -t nginxproxy/nginx-proxy:test . # build the Debian variant image
and call the [test/pytest.sh](test/pytest.sh) script.
Then build the Alpine variant of the image:
docker build -f Dockerfile.alpine -t jwilder/nginx-proxy:test . # build the Alpline variant image
docker build -f Dockerfile.alpine -t nginxproxy/nginx-proxy:test . # build the Alpline variant image
and call the [test/pytest.sh](test/pytest.sh) script again.
@ -432,7 +436,3 @@ If your system has the `make` command, you can automate those tasks by calling:
You can learn more about how the test suite works and how to write new tests in the [test/README.md](test/README.md) file.
### Need help?
If you have questions on how to use the image, please ask them on the [Q&A Group](https://groups.google.com/forum/#!forum/nginx-proxy)

2
docker-compose.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy
image: nginxproxy/nginx-proxy
container_name: nginx-proxy
ports:
- "80:80"

4
docker-entrypoint.sh
View file

@ -7,7 +7,7 @@ if [[ $DOCKER_HOST = unix://* ]]; then
if ! [ -S $socket_file ]; then
cat >&2 <<-EOT
ERROR: you need to share your Docker host socket with a volume at $socket_file
Typically you should run your jwilder/nginx-proxy with: \`-v /var/run/docker.sock:$socket_file:ro\`
Typically you should run your nginxproxy/nginx-proxy with: \`-v /var/run/docker.sock:$socket_file:ro\`
See the documentation at http://git.io/vZaGJ
EOT
socketMissing=1
@ -15,7 +15,7 @@ if [[ $DOCKER_HOST = unix://* ]]; then
fi
# Generate dhparam file if required
# Note: if $DHPARAM_BITS is not defined, generate-dhparam.sh will use 2048 as a default
# Note: if $DHPARAM_BITS is not defined, generate-dhparam.sh will use 4096 as a default
# Note2: if $DHPARAM_GENERATION is set to false in environment variable, dh param generator will skip completely
/app/generate-dhparam.sh $DHPARAM_BITS $DHPARAM_GENERATION

3
nginx.tmpl
View file

@ -253,8 +253,9 @@ server {
{{ $access_log }}
# Do not HTTPS redirect Let'sEncrypt ACME challenge
location /.well-known/acme-challenge/ {
location ^~ /.well-known/acme-challenge/ {
auth_basic off;
auth_request off;
allow all;
root /usr/share/nginx/html;
try_files $uri =404;

8
test/README.md
View file

@ -15,13 +15,13 @@ If you can't install those requirements on your computer, you can alternatively
Prepare the nginx-proxy test image
----------------------------------
docker build -t jwilder/nginx-proxy:test ..
docker build -t nginxproxy/nginx-proxy:test ..
or if you want to test the alpine flavor:
docker build -t jwilder/nginx-proxy:test -f Dockerfile.alpine ..
docker build -t nginxproxy/nginx-proxy:test -f Dockerfile.alpine ..
make sure to tag that test image exactly `jwilder/nginx-proxy:test` or the test suite won't work.
make sure to tag that test image exactly `nginxproxy/nginx-proxy:test` or the test suite won't work.
Run the test suite
@ -65,7 +65,7 @@ In your tests, you can use the `docker_compose` variable to query and command th
Also this fixture alters the way the python interpreter resolves domain names to IP addresses in the following ways:
Any domain name containing the substring `nginx-proxy` will resolve to the IP address of the container that was created from the `jwilder/nginx-proxy:test` image. So all the following domain names will resolve to the nginx-proxy container in tests:
Any domain name containing the substring `nginx-proxy` will resolve to the IP address of the container that was created from the `nginxproxy/nginx-proxy:test` image. So all the following domain names will resolve to the nginx-proxy container in tests:
- `nginx-proxy`
- `nginx-proxy.com`
- `www.nginx-proxy.com`

24
test/conftest.py
View file

@ -68,11 +68,11 @@ class requests_for_docker(object):
"""
Return the nginx config file
"""
nginx_proxy_containers = docker_client.containers.list(filters={"ancestor": "jwilder/nginx-proxy:test"})
nginx_proxy_containers = docker_client.containers.list(filters={"ancestor": "nginxproxy/nginx-proxy:test"})
if len(nginx_proxy_containers) > 1:
pytest.fail("Too many running jwilder/nginx-proxy:test containers", pytrace=False)
pytest.fail("Too many running nginxproxy/nginx-proxy:test containers", pytrace=False)
elif len(nginx_proxy_containers) == 0:
pytest.fail("No running jwilder/nginx-proxy:test container", pytrace=False)
pytest.fail("No running nginxproxy/nginx-proxy:test container", pytrace=False)
return get_nginx_conf_from_container(nginx_proxy_containers[0])
def get(self, *args, **kwargs):
@ -162,16 +162,16 @@ def container_ipv6(container):
def nginx_proxy_dns_resolver(domain_name):
"""
if "nginx-proxy" if found in host, return the ip address of the docker container
issued from the docker image jwilder/nginx-proxy:test.
issued from the docker image nginxproxy/nginx-proxy:test.
:return: IP or None
"""
log = logging.getLogger('DNS')
log.debug("nginx_proxy_dns_resolver(%r)" % domain_name)
if 'nginx-proxy' in domain_name:
nginxproxy_containers = docker_client.containers.list(filters={"status": "running", "ancestor": "jwilder/nginx-proxy:test"})
nginxproxy_containers = docker_client.containers.list(filters={"status": "running", "ancestor": "nginxproxy/nginx-proxy:test"})
if len(nginxproxy_containers) == 0:
log.warn("no container found from image jwilder/nginx-proxy:test while resolving %r", domain_name)
log.warn("no container found from image nginxproxy/nginx-proxy:test while resolving %r", domain_name)
return
nginxproxy_container = nginxproxy_containers[0]
ip = container_ip(nginxproxy_container)
@ -211,7 +211,7 @@ def monkey_patch_urllib_dns_resolver():
"""
Alter the behavior of the urllib DNS resolver so that any domain name
containing substring 'nginx-proxy' will resolve to the IP address
of the container created from image 'jwilder/nginx-proxy:test'.
of the container created from image 'nginxproxy/nginx-proxy:test'.
"""
prv_getaddrinfo = socket.getaddrinfo
dns_cache = {}
@ -278,10 +278,10 @@ def docker_compose_down(compose_file='docker-compose.yml'):
def wait_for_nginxproxy_to_be_ready():
"""
If one (and only one) container started from image jwilder/nginx-proxy:test is found,
If one (and only one) container started from image nginxproxy/nginx-proxy:test is found,
wait for its log to contain substring "Watching docker events"
"""
containers = docker_client.containers.list(filters={"ancestor": "jwilder/nginx-proxy:test"})
containers = docker_client.containers.list(filters={"ancestor": "nginxproxy/nginx-proxy:test"})
if len(containers) != 1:
return
container = containers[0]
@ -439,7 +439,7 @@ def nginxproxy():
def pytest_runtest_logreport(report):
if report.failed:
if isinstance(report.longrepr, ReprExceptionInfo):
test_containers = docker_client.containers.list(all=True, filters={"ancestor": "jwilder/nginx-proxy:test"})
test_containers = docker_client.containers.list(all=True, filters={"ancestor": "nginxproxy/nginx-proxy:test"})
for container in test_containers:
report.longrepr.addsection('nginx-proxy logs', container.logs())
report.longrepr.addsection('nginx-proxy conf', get_nginx_conf_from_container(container))
@ -465,9 +465,9 @@ def pytest_runtest_setup(item):
###############################################################################
try:
docker_client.images.get('jwilder/nginx-proxy:test')
docker_client.images.get('nginxproxy/nginx-proxy:test')
except docker.errors.ImageNotFound:
pytest.exit("The docker image 'jwilder/nginx-proxy:test' is missing")
pytest.exit("The docker image 'nginxproxy/nginx-proxy:test' is missing")
if docker.__version__ != "2.1.0":
pytest.exit("This test suite is meant to work with the python docker module v2.1.0")

2
test/stress_tests/test_deleted_cert/docker-compose.yml
View file

@ -8,7 +8,7 @@ web:
reverseproxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
container_name: reverseproxy
environment:
DEBUG: "true"

2
test/stress_tests/test_unreachable_network/README.md
View file

@ -6,7 +6,7 @@ Furthermore, if the nginx-proxy in such state is restarted, the nginx process wi
In the generated nginx config file, we can notice the presence of an empty `upstream {}` block.
This can be fixed by merging [PR-585](https://github.com/jwilder/nginx-proxy/pull/585).
This can be fixed by merging [PR-585](https://github.com/nginx-proxy/nginx-proxy/pull/585).
## How to reproduce

2
test/stress_tests/test_unreachable_network/docker-compose.yml
View file

@ -9,7 +9,7 @@ services:
container_name: reverseproxy
networks:
- netA
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro

2
test/test_DOCKER_HOST_unix_socket.yml
View file

@ -16,7 +16,7 @@ web2:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/f00.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_composev2.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_custom/test_defaults-location.yml
View file

@ -1,5 +1,5 @@
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_custom/test_defaults.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_custom/test_location-per-vhost.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_custom/test_per-vhost.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_custom/test_proxy-wide.yml
View file

@ -1,7 +1,7 @@
version: '2'
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

6
test/test_dockergen/test_dockergen_v2.py
View file

@ -8,13 +8,13 @@ import pytest
def nginx_tmpl():
"""
pytest fixture which extracts the the nginx config template from
the jwilder/nginx-proxy:test image
the nginxproxy/nginx-proxy:test image
"""
script_dir = os.path.dirname(__file__)
logging.info("extracting nginx.tmpl from jwilder/nginx-proxy:test")
logging.info("extracting nginx.tmpl from nginxproxy/nginx-proxy:test")
docker_client = docker.from_env()
print(docker_client.containers.run(
image='jwilder/nginx-proxy:test',
image='nginxproxy/nginx-proxy:test',
remove=True,
volumes=['{current_dir}:{current_dir}'.format(current_dir=script_dir)],
entrypoint='sh',

6
test/test_dockergen/test_dockergen_v3.py
View file

@ -31,13 +31,13 @@ pytestmark = pytest.mark.skipif(
def nginx_tmpl():
"""
pytest fixture which extracts the the nginx config template from
the jwilder/nginx-proxy:test image
the nginxproxy/nginx-proxy:test image
"""
script_dir = os.path.dirname(__file__)
logging.info("extracting nginx.tmpl from jwilder/nginx-proxy:test")
logging.info("extracting nginx.tmpl from nginxproxy/nginx-proxy:test")
docker_client = docker.from_env()
print(docker_client.containers.run(
image='jwilder/nginx-proxy:test',
image='nginxproxy/nginx-proxy:test',
remove=True,
volumes=['{current_dir}:{current_dir}'.format(current_dir=script_dir)],
entrypoint='sh',

2
test/test_events.yml
View file

@ -1,5 +1,5 @@
nginxproxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_headers/test_http.yml
View file

@ -8,7 +8,7 @@ web:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_headers/test_https.yml
View file

@ -8,7 +8,7 @@ web:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./certs/web.nginx-proxy.tld.crt:/etc/nginx/certs/web.nginx-proxy.tld.crt:ro

2
test/test_ipv6.yml
View file

@ -16,7 +16,7 @@ web2:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_multiple-hosts.yml
View file

@ -8,7 +8,7 @@ web:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_multiple-networks.yml
View file

@ -6,7 +6,7 @@ networks:
services:
nginx-proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_multiple-ports/test_VIRTUAL_PORT.yml
View file

@ -9,7 +9,7 @@ web:
VIRTUAL_PORT: 90
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_multiple-ports/test_default-80.yml
View file

@ -8,7 +8,7 @@ web:
VIRTUAL_HOST: "web.nginx-proxy.tld"
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_multiple-ports/test_single-port-not-80.yml
View file

@ -8,7 +8,7 @@ web:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_nominal.yml
View file

@ -16,7 +16,7 @@ web2:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/test_dhparam.yml
View file

@ -8,7 +8,7 @@ web5:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
container_name: nginxproxy
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro

2
test/test_ssl/test_dhparam_generation.yml
View file

@ -1,5 +1,5 @@
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
container_name: nginxproxy
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro

4
test/test_ssl/test_hsts.py
View file

@ -8,7 +8,7 @@ def test_web1_HSTS_default(docker_compose, nginxproxy):
assert "max-age=31536000" == r.headers["Strict-Transport-Security"]
# Regression test to ensure HSTS is enabled even when the upstream sends an error in response
# Issue #1073 https://github.com/jwilder/nginx-proxy/pull/1073
# Issue #1073 https://github.com/nginx-proxy/nginx-proxy/pull/1073
def test_web1_HSTS_error(docker_compose, nginxproxy):
r = nginxproxy.get("https://web1.nginx-proxy.tld/status/500", allow_redirects=False)
assert "Strict-Transport-Security" in r.headers
@ -26,7 +26,7 @@ def test_web3_HSTS_custom(docker_compose, nginxproxy):
assert "max-age=86400; includeSubDomains; preload" == r.headers["Strict-Transport-Security"]
# Regression test for issue 1080
# https://github.com/jwilder/nginx-proxy/issues/1080
# https://github.com/nginx-proxy/nginx-proxy/issues/1080
def test_web4_HSTS_off_noredirect(docker_compose, nginxproxy):
r = nginxproxy.get("https://web4.nginx-proxy.tld/port", allow_redirects=False)
assert "answer from port 81\n" in r.text

2
test/test_ssl/test_hsts.yml
View file

@ -35,7 +35,7 @@ web4:
HTTPS_METHOD: "noredirect"
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/test_nohttp.yml
View file

@ -9,7 +9,7 @@ web2:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/test_nohttps.yml
View file

@ -9,7 +9,7 @@ web:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/test_noredirect.yml
View file

@ -9,7 +9,7 @@ web3:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/test_wildcard.yml
View file

@ -7,7 +7,7 @@ web1:
VIRTUAL_HOST: "*.nginx-proxy.tld"
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ../lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro

2
test/test_ssl/wildcard_cert_and_nohttps/docker-compose.yml
View file

@ -3,7 +3,7 @@ version: "3"
services:
proxy:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./certs:/etc/nginx/certs:ro

2
test/test_wildcard_host.yml
View file

@ -32,7 +32,7 @@ web4:
sut:
image: jwilder/nginx-proxy:test
image: nginxproxy/nginx-proxy:test
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./lib/ssl/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro