mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
docs - various examples fixes
This commit is contained in:
parent
a824e15684
commit
58f2926e95
8 changed files with 15 additions and 5 deletions
|
@ -27,7 +27,7 @@
|
||||||
|
|
||||||
> Make security by default great again !
|
> Make security by default great again !
|
||||||
|
|
||||||
bunkerized-nginx is a web server based on the notorious nginx and focused on security. It integrates into existing environments (Linux, Docker, Swarm, Kubernetes, ...) to make your web services "secured by default" without any hassle. The security best practices are automatically applied for you while keeping control of every settings to meet your own use case.
|
bunkerized-nginx is a web server based on the notorious nginx and focused on security. It integrates into existing environments (Linux, Docker, Swarm, Kubernetes, ...) to make your web services "secure by default" without any hassle. The security best practices are automatically applied for you while keeping control of every settings to meet your own use case.
|
||||||
|
|
||||||
<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/docs/img/overview.png?raw=true" />
|
<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/docs/img/overview.png?raw=true" />
|
||||||
|
|
||||||
|
|
|
@ -199,7 +199,7 @@ You can quickly protect sensitive resources (e.g. : admin panels) by requiring H
|
||||||
- `AUTH_BASIC_PASSWORD=changeme` : the password required
|
- `AUTH_BASIC_PASSWORD=changeme` : the password required
|
||||||
- `AUTH_BASIC_TEXT=Restricted area` : the text that will be displayed to the user
|
- `AUTH_BASIC_TEXT=Restricted area` : the text that will be displayed to the user
|
||||||
|
|
||||||
Please note that bunkerized-nginx also supports [Authelia](https://github.com/authelia/authelia) for authentication (see the corresponding [environment variables](https://bunkerized-nginx.readthedocs.io/en/latest/environment_variables.html#authelia) and a [full example](https://github.com/bunkerity/bunkerized-nginx/tree/dev/examples/authelia)).
|
Please note that bunkerized-nginx also supports [Authelia](https://github.com/authelia/authelia) for authentication (see the corresponding [environment variables](https://bunkerized-nginx.readthedocs.io/en/latest/environment_variables.html#authelia) and a [full example](https://github.com/bunkerity/bunkerized-nginx/tree/master/examples/authelia)).
|
||||||
|
|
||||||
## Whitelisting
|
## Whitelisting
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@ services:
|
||||||
- NODE_ENV=production
|
- NODE_ENV=production
|
||||||
labels:
|
labels:
|
||||||
- "bunkerized-nginx.SERVER_NAME=app1.example.com" # replace with your domain
|
- "bunkerized-nginx.SERVER_NAME=app1.example.com" # replace with your domain
|
||||||
|
- "bunkerized-nginx.USE_REVERSE_PROXY=yes"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp1:3000"
|
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp1:3000"
|
||||||
|
|
||||||
|
@ -25,6 +26,7 @@ services:
|
||||||
- NODE_ENV=production
|
- NODE_ENV=production
|
||||||
labels:
|
labels:
|
||||||
- "bunkerized-nginx.SERVER_NAME=app2.example.com" # replace with your domain
|
- "bunkerized-nginx.SERVER_NAME=app2.example.com" # replace with your domain
|
||||||
|
- "bunkerized-nginx.USE_REVERSE_PROXY=yes"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp2:3000"
|
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp2:3000"
|
||||||
|
|
||||||
|
@ -38,6 +40,7 @@ services:
|
||||||
- NODE_ENV=production
|
- NODE_ENV=production
|
||||||
labels:
|
labels:
|
||||||
- "bunkerized-nginx.SERVER_NAME=app3.example.com" # replace with your domain
|
- "bunkerized-nginx.SERVER_NAME=app3.example.com" # replace with your domain
|
||||||
|
- "bunkerized-nginx.USE_REVERSE_PROXY=yes"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
- "bunkerized-nginx.REVERSE_PROXY_URL=/"
|
||||||
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp3:3000"
|
- "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp3:3000"
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,10 @@ Gogs is an easy to install, cross-platform and lightweight self-hosted Git servi
|
||||||
|
|
||||||
<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/examples/gogs/architecture.png?raw=true" />
|
<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/examples/gogs/architecture.png?raw=true" />
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
You will need to edit the `data-gogs/gogs/conf/app.ini` with your own settings.
|
||||||
|
|
||||||
## Docker
|
## Docker
|
||||||
|
|
||||||
See [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/gogs/docker-compose.yml).
|
See [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/gogs/docker-compose.yml).
|
||||||
|
|
3
examples/gogs/data-gogs/gogs/conf/app.ini
Normal file
3
examples/gogs/data-gogs/gogs/conf/app.ini
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
[server]
|
||||||
|
EXTERNAL_URL = https://www.example.com/
|
||||||
|
DOMAIN = www.example.com
|
|
@ -22,7 +22,7 @@ services:
|
||||||
- USE_GZIP=yes
|
- USE_GZIP=yes
|
||||||
- USE_REVERSE_PROXY=yes
|
- USE_REVERSE_PROXY=yes
|
||||||
- REVERSE_PROXY_URL=/
|
- REVERSE_PROXY_URL=/
|
||||||
- REVERSE_PROXY_HOST=http://mygogs:3000/
|
- REVERSE_PROXY_HOST=http://mygogs:3000
|
||||||
|
|
||||||
mygogs:
|
mygogs:
|
||||||
image: gogs/gogs
|
image: gogs/gogs
|
||||||
|
|
|
@ -35,7 +35,7 @@ metadata:
|
||||||
bunkerized-nginx: "yes"
|
bunkerized-nginx: "yes"
|
||||||
annotations:
|
annotations:
|
||||||
bunkerized-nginx.SERVER_NAME: "app2.example.com"
|
bunkerized-nginx.SERVER_NAME: "app2.example.com"
|
||||||
bunkerized-nginx.REMOTE_PHP: "app2"
|
bunkerized-nginx.REMOTE_PHP: "app2.default.svc.cluster.local"
|
||||||
bunkerized-nginx.REMOTE_PHP_PATH: "/var/www/html"
|
bunkerized-nginx.REMOTE_PHP_PATH: "/var/www/html"
|
||||||
bunkerized-nginx.AUTO_LETS_ENCRYPT: "yes"
|
bunkerized-nginx.AUTO_LETS_ENCRYPT: "yes"
|
||||||
spec:
|
spec:
|
||||||
|
|
|
@ -29,7 +29,7 @@ metadata:
|
||||||
bunkerized-nginx.SERVER_NAME: "app3.example.com"
|
bunkerized-nginx.SERVER_NAME: "app3.example.com"
|
||||||
bunkerized-nginx.USE_REVERSE_PROXY: "yes"
|
bunkerized-nginx.USE_REVERSE_PROXY: "yes"
|
||||||
bunkerized-nginx.REVERSE_PROXY_URL: "/"
|
bunkerized-nginx.REVERSE_PROXY_URL: "/"
|
||||||
bunkerized-nginx.REVERSE_PROXY_HOST: "http://app3"
|
bunkerized-nginx.REVERSE_PROXY_HOST: "http://app3.default.svc.cluster.local"
|
||||||
bunkerized-nginx.AUTO_LETS_ENCRYPT: "yes"
|
bunkerized-nginx.AUTO_LETS_ENCRYPT: "yes"
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
|
Loading…
Reference in a new issue