From 57cb3d9e78907f84137de2f24179fe398e975baf Mon Sep 17 00:00:00 2001 From: nir3shprabu <115976526+nir3shprabu@users.noreply.github.com> Date: Wed, 15 Mar 2023 17:06:14 +0530 Subject: [PATCH 1/4] feat: Add Dockerfile and nginx.conf --- Dockerfile | 13 +++++++++++ nginx.conf | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 Dockerfile create mode 100644 nginx.conf diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ebfff79 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM cgr.dev/chainguard/wolfi-base AS builder + +WORKDIR /src + +COPY . . + +RUN rm -rf nginx.conf + +FROM cgr.dev/chainguard/nginx + +COPY --from=builder /src /var/lib/nginx/html + +COPY nginx.conf /etc/nginx/ diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..81fb3d2 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,64 @@ +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + + server { + listen 80; + listen [::]:80; + server_name lnproxy; + + location / { + root /var/lib/nginx/html; + try_files $uri $uri/ /index.html; + expires 1y; + add_header Cache-Control "no-cache"; + add_header Content-Security-Policy "default-src 'none'; style-src 'self'; script-src 'self'; img-src 'self' blob: data:; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; manifest-src 'self'; connect-src *" always; + add_header Feature-Policy "microphone none;camera none"; + add_header 'Referrer-Policy' 'no-referrer' always; + add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Frame-Options "DENY" always; + add_header X-XSS-Protection "1; mode=block" always; + + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + } +} +# server { +# listen 80; +# listen [::]:80; + +# root /var/lib/nginx/html; +# index.html +# server_name lnproxy; + + +# location / { +# expires 1y; +# try_files $uri $uri/ =404; +# add_header Cache-Control "no-cache"; +# add_header Content-Security-Policy "default-src 'none'; style-src 'self'; script-src 'self'; img-src 'self' blob: data:; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; manifest-src 'self'; connect-src *" always; +# add_header Feature-Policy "microphone none;camera none"; +# add_header 'Referrer-Policy' 'no-referrer' always; +# add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always; +# add_header X-Content-Type-Options "nosniff" always; +# add_header X-Frame-Options "DENY" always; +# add_header X-XSS-Protection "1; mode=block" always; + +# } + + +# } From 9eb0eab8c719e214bfd4c2182a23af72fa44bccf Mon Sep 17 00:00:00 2001 From: nir3shprabu <115976526+nir3shprabu@users.noreply.github.com> Date: Wed, 15 Mar 2023 18:42:09 +0530 Subject: [PATCH 2/4] chore: Modify nginx.conf --- nginx.conf | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/nginx.conf b/nginx.conf index 81fb3d2..242be4e 100644 --- a/nginx.conf +++ b/nginx.conf @@ -18,8 +18,8 @@ http { location / { root /var/lib/nginx/html; - try_files $uri $uri/ /index.html; expires 1y; + try_files $uri $uri/ /index.html; add_header Cache-Control "no-cache"; add_header Content-Security-Policy "default-src 'none'; style-src 'self'; script-src 'self'; img-src 'self' blob: data:; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; manifest-src 'self'; connect-src *" always; add_header Feature-Policy "microphone none;camera none"; @@ -37,28 +37,3 @@ http { } } } -# server { -# listen 80; -# listen [::]:80; - -# root /var/lib/nginx/html; -# index.html -# server_name lnproxy; - - -# location / { -# expires 1y; -# try_files $uri $uri/ =404; -# add_header Cache-Control "no-cache"; -# add_header Content-Security-Policy "default-src 'none'; style-src 'self'; script-src 'self'; img-src 'self' blob: data:; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; manifest-src 'self'; connect-src *" always; -# add_header Feature-Policy "microphone none;camera none"; -# add_header 'Referrer-Policy' 'no-referrer' always; -# add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always; -# add_header X-Content-Type-Options "nosniff" always; -# add_header X-Frame-Options "DENY" always; -# add_header X-XSS-Protection "1; mode=block" always; - -# } - - -# } From e6835e7394a41607dff609c91b6a4303c875d064 Mon Sep 17 00:00:00 2001 From: nir3shprabu <115976526+nir3shprabu@users.noreply.github.com> Date: Thu, 16 Mar 2023 18:14:05 +0530 Subject: [PATCH 3/4] chore: Modify nginx.conf --- nginx.conf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 242be4e..4f8cb20 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,13 +1,18 @@ -worker_processes 1; +user nginx; +worker_processes auto; +pid /run/nginx/nginx.pid; events { worker_connections 1024; } http { - include mime.types; + include /etc/nginx/mime.types; default_type application/octet-stream; + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + sendfile on; keepalive_timeout 65; From 3e31a1af3997805d5e3674815dc8dc6914256574 Mon Sep 17 00:00:00 2001 From: nir3shprabu <115976526+nir3shprabu@users.noreply.github.com> Date: Mon, 20 Mar 2023 18:40:54 +0530 Subject: [PATCH 4/4] refactor: Modify nginx.conf --- nginx.conf | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 4f8cb20..51ac845 100644 --- a/nginx.conf +++ b/nginx.conf @@ -2,6 +2,7 @@ user nginx; worker_processes auto; pid /run/nginx/nginx.pid; + events { worker_connections 1024; } @@ -19,7 +20,15 @@ http { server { listen 80; listen [::]:80; - server_name lnproxy; + server_name lnproxy.org; + + location /spec { + root "/htdocs/lnproxy.org"; + } + + location /api { + proxy_pass http://localhost:4747; + } location / { root /var/lib/nginx/html; @@ -41,4 +50,4 @@ http { root html; } } -} +} \ No newline at end of file