last fixes before next release ?

Dockerfile-arm32v7

@@ -36,6 +36,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
     chmod 750 /var/log/nginx && \
     touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \
     chown nginx:nginx /var/log/nginx/*.log && \
+    mkdir /acme-challenge && \
     chown root:nginx /acme-challenge && \
     chmod 750 /acme-challenge
 

Dockerfile-arm64v8

@@ -36,6 +36,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
     chmod 750 /var/log/nginx && \
     touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \
     chown nginx:nginx /var/log/nginx/*.log && \
+    mkdir /acme-challenge && \
     chown root:nginx /acme-challenge && \
     chmod 750 /acme-challenge
 

Dockerfile-i386

@@ -29,6 +29,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
     chmod 750 /var/log/nginx && \
     touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \
     chown nginx:nginx /var/log/nginx/*.log && \
+    mkdir /acme-challenge && \
     chown root:nginx /acme-challenge && \
     chmod 750 /acme-challenge
 

confs/site/lets-encrypt-webroot.conf

@@ -1,3 +1,3 @@
-location ^~ ^/.well-known/acme-challenge/ {
+location ~ ^/.well-known/acme-challenge/ {
 	root /acme-challenge;
 }

entrypoint/site-config.sh

@@ -22,9 +22,6 @@ if [ "$MULTISITE" = "yes" ] ; then
 	ROOT_FOLDER="${ROOT_FOLDER}/$1"
 fi
 
-# generate Let's Encrypt certificate before copying configs
-# in case we are in autoconf mode and nginx is already running
-
 # copy stub confs
 if [ "$MULTISITE" = "yes" ] ; then
 	mkdir "$NGINX_PREFIX"

scripts/abusers.sh

@@ -10,5 +10,5 @@ while read entry ; do
 done
 cp /etc/nginx/block-abusers.conf /cache
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/certbot-renew.sh

@@ -10,5 +10,5 @@ find /etc/letsencrypt -type d -exec chmod 750 {} \;
 
 # reload nginx
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/exit-nodes.sh

@@ -10,5 +10,5 @@ while read entry ; do
 done
 cp /etc/nginx/block-tor-exit-node.conf /cache
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/geoip.sh

@@ -7,6 +7,6 @@ if [ -f /etc/nginx/geoip.mmdb.gz ] ; then
 	gunzip -f /etc/nginx/geoip.mmdb.gz
 	cp /etc/nginx/geoip.mmdb /cache
 	if [ -f /tmp/nginx.pid ] ; then
-		/usr/sbin/nginx -s reload
+		/usr/sbin/nginx -s reload > /dev/null 2>&1
 	fi
 fi

scripts/logrotate.sh

@@ -7,5 +7,5 @@ pkill -HUP rsyslogd
 fail2ban-client flushlogs
 
 if [ -f /tmp/nginx.pid ] ; then
-        /usr/sbin/nginx -s reload
+        /usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/proxies.sh

@@ -10,5 +10,5 @@ while read entry ; do
 done
 cp /etc/nginx/block-proxies.conf /cache
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/referrers.sh

@@ -11,5 +11,5 @@ echo -e "map \$http_referer \$bad_referrer { hostnames; default no; $DATA }" > /
 cp /etc/nginx/map-referrer.conf /cache
 
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi

scripts/user-agents.sh

@@ -13,5 +13,5 @@ echo -e "map \$http_user_agent \$bad_user_agent { default no; $DATA_ESCAPED }" >
 cp /etc/nginx/map-user-agent.conf /cache
 
 if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
+	/usr/sbin/nginx -s reload > /dev/null 2>&1
 fi