mirror of
https://github.com/EpicMorg/docker-scripts.git
synced 2024-12-26 14:45:42 +03:00
nginx 1.25.3 + openssl3
This commit is contained in:
parent
f2e355a029
commit
097e998c71
@ -2,6 +2,7 @@
|
||||
## 2023
|
||||
* `sep-oct-nov-dec`
|
||||
* `nextcloud` upgrade
|
||||
* `nginx` fixed and migrated to `openssl3` + `debion12` base and build stages.
|
||||
* `aug`
|
||||
* added `ninjam` server
|
||||
* EOL of `freegpt` by closing project by maintaner - [Em1tSan/freegpt-webui-ru](https://github.com/Em1tSan/freegpt-webui-ru).
|
||||
|
46
linux/ecosystem/atlassian/confluence/7/7.19.17/Dockerfile
Normal file
46
linux/ecosystem/atlassian/confluence/7/7.19.17/Dockerfile
Normal file
@ -0,0 +1,46 @@
|
||||
FROM epicmorg/debian:bullseye-jdk8
|
||||
LABEL maintainer="Atlassian Jira Server Team; EpicMorg DevTeam, developer@epicm.org"
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
##################################################################
|
||||
# ARGuments
|
||||
##################################################################
|
||||
ARG CONFLUENCE_VERSION=7.19.17
|
||||
ARG DOWNLOAD_URL=http://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz
|
||||
|
||||
##################################################################
|
||||
# Setup
|
||||
##################################################################
|
||||
ENV RUN_USER daemon
|
||||
ENV RUN_GROUP daemon
|
||||
|
||||
# https://confluence.atlassian.com/doc/confluence-home-and-other-important-directories-590259707.html
|
||||
ENV CONFLUENCE_HOME /var/atlassian/application-data/confluence
|
||||
ENV CONFLUENCE_INSTALL_DIR /opt/atlassian/confluence
|
||||
|
||||
VOLUME ["${CONFLUENCE_HOME}"]
|
||||
WORKDIR $CONFLUENCE_HOME
|
||||
|
||||
# Expose HTTP and Synchrony ports
|
||||
EXPOSE 8090
|
||||
EXPOSE 8091
|
||||
|
||||
##################################################################
|
||||
# Installing
|
||||
##################################################################
|
||||
RUN mkdir -p ${CONFLUENCE_INSTALL_DIR} \
|
||||
&& curl -L ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "$CONFLUENCE_INSTALL_DIR" \
|
||||
&& chown -R ${RUN_USER}:${RUN_GROUP} ${CONFLUENCE_INSTALL_DIR}/ \
|
||||
&& sed -i -e 's/-Xms\([0-9]\+[kmg]\) -Xmx\([0-9]\+[kmg]\)/-Xms\${JVM_MINIMUM_MEMORY:=\1} -Xmx\${JVM_MAXIMUM_MEMORY:=\2} \${JVM_SUPPORT_RECOMMENDED_ARGS} -Dconfluence.home=\${CONFLUENCE_HOME}/g' ${CONFLUENCE_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/port="8090"/port="8090" secure="${catalinaConnectorSecure}" scheme="${catalinaConnectorScheme}" proxyName="${catalinaConnectorProxyName}" proxyPort="${catalinaConnectorProxyPort}"/' ${CONFLUENCE_INSTALL_DIR}/conf/server.xml && \
|
||||
|
||||
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
|
||||
apt clean -y && \
|
||||
apt autoclean -y && \
|
||||
rm -rfv /var/lib/apt/lists/* && \
|
||||
rm -rfv /var/cache/apt/archives/*.deb
|
||||
|
||||
CMD ["/entrypoint.sh", "-fg"]
|
||||
ENTRYPOINT ["/usr/bin/tini", "--"]
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
COPY . /tmp
|
@ -0,0 +1,46 @@
|
||||
FROM epicmorg/debian:bullseye-jdk11
|
||||
LABEL maintainer="Atlassian Jira Server Team; EpicMorg DevTeam, developer@epicm.org"
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
##################################################################
|
||||
# ARGuments
|
||||
##################################################################
|
||||
ARG CONFLUENCE_VERSION=7.19.17
|
||||
ARG DOWNLOAD_URL=http://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz
|
||||
|
||||
##################################################################
|
||||
# Setup
|
||||
##################################################################
|
||||
ENV RUN_USER daemon
|
||||
ENV RUN_GROUP daemon
|
||||
|
||||
# https://confluence.atlassian.com/doc/confluence-home-and-other-important-directories-590259707.html
|
||||
ENV CONFLUENCE_HOME /var/atlassian/application-data/confluence
|
||||
ENV CONFLUENCE_INSTALL_DIR /opt/atlassian/confluence
|
||||
|
||||
VOLUME ["${CONFLUENCE_HOME}"]
|
||||
WORKDIR $CONFLUENCE_HOME
|
||||
|
||||
# Expose HTTP and Synchrony ports
|
||||
EXPOSE 8090
|
||||
EXPOSE 8091
|
||||
|
||||
##################################################################
|
||||
# Installing
|
||||
##################################################################
|
||||
RUN mkdir -p ${CONFLUENCE_INSTALL_DIR} \
|
||||
&& curl -L ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "$CONFLUENCE_INSTALL_DIR" \
|
||||
&& chown -R ${RUN_USER}:${RUN_GROUP} ${CONFLUENCE_INSTALL_DIR}/ \
|
||||
&& sed -i -e 's/-Xms\([0-9]\+[kmg]\) -Xmx\([0-9]\+[kmg]\)/-Xms\${JVM_MINIMUM_MEMORY:=\1} -Xmx\${JVM_MAXIMUM_MEMORY:=\2} \${JVM_SUPPORT_RECOMMENDED_ARGS} -Dconfluence.home=\${CONFLUENCE_HOME}/g' ${CONFLUENCE_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/port="8090"/port="8090" secure="${catalinaConnectorSecure}" scheme="${catalinaConnectorScheme}" proxyName="${catalinaConnectorProxyName}" proxyPort="${catalinaConnectorProxyPort}"/' ${CONFLUENCE_INSTALL_DIR}/conf/server.xml && \
|
||||
|
||||
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
|
||||
apt clean -y && \
|
||||
apt autoclean -y && \
|
||||
rm -rfv /var/lib/apt/lists/* && \
|
||||
rm -rfv /var/cache/apt/archives/*.deb
|
||||
|
||||
CMD ["/entrypoint.sh", "-fg"]
|
||||
ENTRYPOINT ["/usr/bin/tini", "--"]
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
COPY . /tmp
|
19
linux/ecosystem/atlassian/confluence/7/7.19.17/Makefile
Normal file
19
linux/ecosystem/atlassian/confluence/7/7.19.17/Makefile
Normal file
@ -0,0 +1,19 @@
|
||||
all: app
|
||||
|
||||
app:
|
||||
make build
|
||||
make deploy
|
||||
make clean
|
||||
|
||||
build:
|
||||
docker-compose build --compress --parallel --progress plain
|
||||
|
||||
deploy:
|
||||
docker-compose push
|
||||
|
||||
clean:
|
||||
docker container prune -f
|
||||
docker image prune -f
|
||||
docker network prune -f
|
||||
docker volume prune -f
|
||||
docker system prune -af
|
@ -0,0 +1,11 @@
|
||||
version: '3.9'
|
||||
services:
|
||||
app:
|
||||
image: "epicmorg/confluence:7.19.17"
|
||||
build:
|
||||
context: .
|
||||
app-jdk11:
|
||||
image: "epicmorg/confluence:7.19.17-jdk11"
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.jdk11
|
39
linux/ecosystem/atlassian/confluence/7/7.19.17/entrypoint.sh
Executable file
39
linux/ecosystem/atlassian/confluence/7/7.19.17/entrypoint.sh
Executable file
@ -0,0 +1,39 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
export JAVA_HOME=$(readlink -f /usr/bin/javac | sed "s:/bin/javac::")
|
||||
export JRE_HOME="$JAVA_HOME/jre"
|
||||
export JAVA_BINARY="$JRE_HOME/bin/java"
|
||||
export JAVA_VERSION=$("$JAVA_BINARY" -version 2>&1 | awk -F '"' '/version/ {print $2}')
|
||||
|
||||
|
||||
# Setup Catalina Opts
|
||||
: ${CATALINA_CONNECTOR_PROXYNAME:=}
|
||||
: ${CATALINA_CONNECTOR_PROXYPORT:=}
|
||||
: ${CATALINA_CONNECTOR_SCHEME:=http}
|
||||
: ${CATALINA_CONNECTOR_SECURE:=false}
|
||||
|
||||
: ${CATALINA_OPTS:=}
|
||||
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorProxyName=${CATALINA_CONNECTOR_PROXYNAME}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorProxyPort=${CATALINA_CONNECTOR_PROXYPORT}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorScheme=${CATALINA_CONNECTOR_SCHEME}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorSecure=${CATALINA_CONNECTOR_SECURE}"
|
||||
|
||||
export CATALINA_OPTS
|
||||
|
||||
|
||||
# Start Confluence as the correct user
|
||||
if [ "${UID}" -eq 0 ]; then
|
||||
echo "User is currently root. Will change directory ownership to ${RUN_USER}:${RUN_GROUP}, then downgrade permission to ${RUN_USER}"
|
||||
PERMISSIONS_SIGNATURE=$(stat -c "%u:%U:%a" "${CONFLUENCE_HOME}")
|
||||
EXPECTED_PERMISSIONS=$(id -u ${RUN_USER}):${RUN_USER}:700
|
||||
if [ "${PERMISSIONS_SIGNATURE}" != "${EXPECTED_PERMISSIONS}" ]; then
|
||||
chmod -R 700 "${CONFLUENCE_HOME}" &&
|
||||
chown -R "${RUN_USER}:${RUN_GROUP}" "${CONFLUENCE_HOME}"
|
||||
fi
|
||||
# Now drop privileges
|
||||
exec su -s /bin/bash "${RUN_USER}" -c "$CONFLUENCE_INSTALL_DIR/bin/start-confluence.sh $@"
|
||||
else
|
||||
exec "$CONFLUENCE_INSTALL_DIR/bin/start-confluence.sh" "$@"
|
||||
fi
|
2
linux/ecosystem/atlassian/jira/9/9.4.14/.env
Normal file
2
linux/ecosystem/atlassian/jira/9/9.4.14/.env
Normal file
@ -0,0 +1,2 @@
|
||||
RELEASE=9.4.14
|
||||
DOWNLOAD_URL=https://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-software-${RELEASE}.tar.gz
|
52
linux/ecosystem/atlassian/jira/9/9.4.14/Dockerfile
Normal file
52
linux/ecosystem/atlassian/jira/9/9.4.14/Dockerfile
Normal file
@ -0,0 +1,52 @@
|
||||
FROM epicmorg/debian:bookworm-jdk8
|
||||
LABEL maintainer="Atlassian Jira Server Team; EpicMorg DevTeam, developer@epicm.org"
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
##################################################################
|
||||
# ARGuments
|
||||
##################################################################
|
||||
|
||||
#configured by dockerfile / .ENV
|
||||
ARG RELEASE
|
||||
ARG DOWNLOAD_URL
|
||||
|
||||
##################################################################
|
||||
# Setup
|
||||
##################################################################
|
||||
ENV RUN_USER daemon
|
||||
ENV RUN_GROUP daemon
|
||||
|
||||
# https://confluence.atlassian.com/display/JSERVERM/Important+directories+and+files
|
||||
ENV JIRA_HOME /var/atlassian/application-data/jira
|
||||
ENV JIRA_INSTALL_DIR /opt/atlassian/jira
|
||||
|
||||
VOLUME ["${JIRA_HOME}"]
|
||||
WORKDIR $JIRA_HOME
|
||||
|
||||
# Expose HTTP port
|
||||
EXPOSE 8080
|
||||
|
||||
##################################################################
|
||||
# Installing
|
||||
##################################################################
|
||||
RUN mkdir -p ${JIRA_INSTALL_DIR} \
|
||||
&& curl --user-agent "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" -L ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "$JIRA_INSTALL_DIR" \
|
||||
&& chown -R ${RUN_USER}:${RUN_GROUP} ${JIRA_INSTALL_DIR}/ \
|
||||
&& sed -i -e 's/^JVM_SUPPORT_RECOMMENDED_ARGS=""$/: \${JVM_SUPPORT_RECOMMENDED_ARGS:=""}/g' ${JIRA_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/^JVM_\(.*\)_MEMORY="\(.*\)"$/: \${JVM_\1_MEMORY:=\2}/g' ${JIRA_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/grep "java version"/grep -E "(openjdk|java) version"/g' ${JIRA_INSTALL_DIR}/bin/check-java.sh \
|
||||
&& sed -i -e 's/port="8080"/port="8080" secure="${catalinaConnectorSecure}" scheme="${catalinaConnectorScheme}" proxyName="${catalinaConnectorProxyName}" proxyPort="${catalinaConnectorProxyPort}"/' ${JIRA_INSTALL_DIR}/conf/server.xml && \
|
||||
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
|
||||
apt clean -y && \
|
||||
apt autoclean -y && \
|
||||
rm -rfv /var/lib/apt/lists/* && \
|
||||
rm -rfv /var/cache/apt/archives/*.deb && \
|
||||
rm -rfv /tmp/*
|
||||
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
CMD ["/entrypoint.sh", "-fg"]
|
||||
ENTRYPOINT ["/usr/bin/tini", "--"]
|
||||
#COPY . /tmp
|
51
linux/ecosystem/atlassian/jira/9/9.4.14/Dockerfile.jdk11
Normal file
51
linux/ecosystem/atlassian/jira/9/9.4.14/Dockerfile.jdk11
Normal file
@ -0,0 +1,51 @@
|
||||
FROM epicmorg/debian:bookworm-jdk11
|
||||
LABEL maintainer="Atlassian Jira Server Team; EpicMorg DevTeam, developer@epicm.org"
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
##################################################################
|
||||
# ARGuments
|
||||
##################################################################
|
||||
|
||||
#configured by dockerfile / .ENV
|
||||
ARG RELEASE
|
||||
ARG DOWNLOAD_URL
|
||||
|
||||
##################################################################
|
||||
# Setup
|
||||
##################################################################
|
||||
ENV RUN_USER daemon
|
||||
ENV RUN_GROUP daemon
|
||||
|
||||
# https://confluence.atlassian.com/display/JSERVERM/Important+directories+and+files
|
||||
ENV JIRA_HOME /var/atlassian/application-data/jira
|
||||
ENV JIRA_INSTALL_DIR /opt/atlassian/jira
|
||||
|
||||
VOLUME ["${JIRA_HOME}"]
|
||||
WORKDIR $JIRA_HOME
|
||||
|
||||
# Expose HTTP port
|
||||
EXPOSE 8080
|
||||
|
||||
##################################################################
|
||||
# Installing
|
||||
##################################################################
|
||||
RUN mkdir -p ${JIRA_INSTALL_DIR} \
|
||||
&& curl --user-agent "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" -L ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "$JIRA_INSTALL_DIR" \
|
||||
&& chown -R ${RUN_USER}:${RUN_GROUP} ${JIRA_INSTALL_DIR}/ \
|
||||
&& sed -i -e 's/^JVM_SUPPORT_RECOMMENDED_ARGS=""$/: \${JVM_SUPPORT_RECOMMENDED_ARGS:=""}/g' ${JIRA_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/^JVM_\(.*\)_MEMORY="\(.*\)"$/: \${JVM_\1_MEMORY:=\2}/g' ${JIRA_INSTALL_DIR}/bin/setenv.sh \
|
||||
&& sed -i -e 's/grep "java version"/grep -E "(openjdk|java) version"/g' ${JIRA_INSTALL_DIR}/bin/check-java.sh \
|
||||
&& sed -i -e 's/port="8080"/port="8080" secure="${catalinaConnectorSecure}" scheme="${catalinaConnectorScheme}" proxyName="${catalinaConnectorProxyName}" proxyPort="${catalinaConnectorProxyPort}"/' ${JIRA_INSTALL_DIR}/conf/server.xml && \
|
||||
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
|
||||
apt clean -y && \
|
||||
apt autoclean -y && \
|
||||
rm -rfv /var/lib/apt/lists/* && \
|
||||
rm -rfv /var/cache/apt/archives/*.deb && \
|
||||
rm -rfv /tmp/*
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
CMD ["/entrypoint.sh", "-fg"]
|
||||
ENTRYPOINT ["/usr/bin/tini", "--"]
|
||||
#COPY . /tmp
|
19
linux/ecosystem/atlassian/jira/9/9.4.14/Makefile
Normal file
19
linux/ecosystem/atlassian/jira/9/9.4.14/Makefile
Normal file
@ -0,0 +1,19 @@
|
||||
all: app
|
||||
|
||||
app:
|
||||
make build
|
||||
make deploy
|
||||
make clean
|
||||
|
||||
build:
|
||||
docker-compose build --compress --parallel --progress plain
|
||||
|
||||
deploy:
|
||||
docker-compose push
|
||||
|
||||
clean:
|
||||
docker container prune -f
|
||||
docker image prune -f
|
||||
docker network prune -f
|
||||
docker volume prune -f
|
||||
docker system prune -af
|
17
linux/ecosystem/atlassian/jira/9/9.4.14/docker-compose.yml
Normal file
17
linux/ecosystem/atlassian/jira/9/9.4.14/docker-compose.yml
Normal file
@ -0,0 +1,17 @@
|
||||
version: '3.9'
|
||||
services:
|
||||
app:
|
||||
image: "epicmorg/jira:${RELEASE}"
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
RELEASE: ${RELEASE}
|
||||
DOWNLOAD_URL: ${DOWNLOAD_URL}
|
||||
app-jdk11:
|
||||
image: "epicmorg/jira:${RELEASE}-jdk11"
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.jdk11
|
||||
args:
|
||||
RELEASE: ${RELEASE}
|
||||
DOWNLOAD_URL: ${DOWNLOAD_URL}
|
89
linux/ecosystem/atlassian/jira/9/9.4.14/entrypoint.sh
Executable file
89
linux/ecosystem/atlassian/jira/9/9.4.14/entrypoint.sh
Executable file
@ -0,0 +1,89 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
export JAVA_HOME=$(readlink -f /usr/bin/javac | sed "s:/bin/javac::")
|
||||
export JRE_HOME="$JAVA_HOME/jre"
|
||||
export JAVA_BINARY="$JRE_HOME/bin/java"
|
||||
export JAVA_VERSION=$("$JAVA_BINARY" -version 2>&1 | awk -F '"' '/version/ {print $2}')
|
||||
|
||||
# Setup Catalina Opts
|
||||
: ${CATALINA_CONNECTOR_PROXYNAME:=}
|
||||
: ${CATALINA_CONNECTOR_PROXYPORT:=}
|
||||
: ${CATALINA_CONNECTOR_SCHEME:=http}
|
||||
: ${CATALINA_CONNECTOR_SECURE:=false}
|
||||
|
||||
: ${CATALINA_OPTS:=}
|
||||
|
||||
: ${JAVA_OPTS:=}
|
||||
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorProxyName=${CATALINA_CONNECTOR_PROXYNAME}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorProxyPort=${CATALINA_CONNECTOR_PROXYPORT}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorScheme=${CATALINA_CONNECTOR_SCHEME}"
|
||||
CATALINA_OPTS="${CATALINA_OPTS} -DcatalinaConnectorSecure=${CATALINA_CONNECTOR_SECURE}"
|
||||
|
||||
export JAVA_OPTS="${JAVA_OPTS} ${CATALINA_OPTS}"
|
||||
|
||||
# Setup Data Center configuration
|
||||
if [ ! -f "/etc/container_id" ]; then
|
||||
uuidgen > /etc/container_id
|
||||
fi
|
||||
CONTAINER_ID=$(cat /etc/container_id)
|
||||
CONTAINER_SHORT_ID=${CONTAINER_ID::8}
|
||||
|
||||
: ${CLUSTERED:=false}
|
||||
: ${JIRA_NODE_ID:=jira_node_${CONTAINER_SHORT_ID}}
|
||||
: ${JIRA_SHARED_HOME:=${JIRA_HOME}/shared}
|
||||
: ${EHCACHE_PEER_DISCOVERY:=}
|
||||
: ${EHCACHE_LISTENER_HOSTNAME:=}
|
||||
: ${EHCACHE_LISTENER_PORT:=}
|
||||
: ${EHCACHE_LISTENER_SOCKETTIMEOUTMILLIS:=}
|
||||
: ${EHCACHE_MULTICAST_ADDRESS:=}
|
||||
: ${EHCACHE_MULTICAST_PORT:=}
|
||||
: ${EHCACHE_MULTICAST_TIMETOLIVE:=}
|
||||
: ${EHCACHE_MULTICAST_HOSTNAME:=}
|
||||
|
||||
# Cleanly set/unset values in cluster.properties
|
||||
function set_cluster_property {
|
||||
if [ -z $2 ]; then
|
||||
if [ -f "${JIRA_HOME}/cluster.properties" ]; then
|
||||
sed -i -e "/^${1}/d" "${JIRA_HOME}/cluster.properties"
|
||||
fi
|
||||
return
|
||||
fi
|
||||
if [ ! -f "${JIRA_HOME}/cluster.properties" ]; then
|
||||
echo "${1}=${2}" >> "${JIRA_HOME}/cluster.properties"
|
||||
elif grep "^${1}" "${JIRA_HOME}/cluster.properties"; then
|
||||
sed -i -e "s#^${1}=.*#${1}=${2}#g" "${JIRA_HOME}/cluster.properties"
|
||||
else
|
||||
echo "${1}=${2}" >> "${JIRA_HOME}/cluster.properties"
|
||||
fi
|
||||
}
|
||||
|
||||
if [ "${CLUSTERED}" == "true" ]; then
|
||||
set_cluster_property "jira.node.id" "${JIRA_NODE_ID}"
|
||||
set_cluster_property "jira.shared.home" "${JIRA_SHARED_HOME}"
|
||||
set_cluster_property "ehcache.peer.discovery" "${EHCACHE_PEER_DISCOVERY}"
|
||||
set_cluster_property "ehcache.listener.hostName" "${EHCACHE_LISTENER_HOSTNAME}"
|
||||
set_cluster_property "ehcache.listener.port" "${EHCACHE_LISTENER_PORT}"
|
||||
set_cluster_property "ehcache.listener.socketTimeoutMillis" "${EHCACHE_LISTENER_PORT}"
|
||||
set_cluster_property "ehcache.multicast.address" "${EHCACHE_MULTICAST_ADDRESS}"
|
||||
set_cluster_property "ehcache.multicast.port" "${EHCACHE_MULTICAST_PORT}"
|
||||
set_cluster_property "ehcache.multicast.timeToLive" "${EHCACHE_MULTICAST_TIMETOLIVE}"
|
||||
set_cluster_property "ehcache.multicast.hostName" "${EHCACHE_MULTICAST_HOSTNAME}"
|
||||
fi
|
||||
|
||||
|
||||
# Start Jira as the correct user
|
||||
if [ "${UID}" -eq 0 ]; then
|
||||
echo "User is currently root. Will change directory ownership to ${RUN_USER}:${RUN_GROUP}, then downgrade permission to ${RUN_USER}"
|
||||
PERMISSIONS_SIGNATURE=$(stat -c "%u:%U:%a" "${JIRA_HOME}")
|
||||
EXPECTED_PERMISSIONS=$(id -u ${RUN_USER}):${RUN_USER}:700
|
||||
if [ "${PERMISSIONS_SIGNATURE}" != "${EXPECTED_PERMISSIONS}" ]; then
|
||||
chmod -R 700 "${JIRA_HOME}" &&
|
||||
chown -R "${RUN_USER}:${RUN_GROUP}" "${JIRA_HOME}"
|
||||
fi
|
||||
# Now drop privileges
|
||||
exec su -s /bin/bash "${RUN_USER}" -c "$JIRA_INSTALL_DIR/bin/start-jira.sh $@"
|
||||
else
|
||||
exec "$JIRA_INSTALL_DIR/bin/start-jira.sh" "$@"
|
||||
fi
|
@ -109,7 +109,11 @@ RUN apt-get update && \
|
||||
automake \
|
||||
libtool \
|
||||
gdb \
|
||||
strace
|
||||
strace \
|
||||
libbsd-dev \
|
||||
libedit-dev \
|
||||
libmd-dev
|
||||
|
||||
|
||||
##################################################################
|
||||
# Rust compillers
|
||||
|
@ -108,7 +108,11 @@ RUN apt-get update && \
|
||||
automake \
|
||||
libtool \
|
||||
gdb \
|
||||
strace
|
||||
strace \
|
||||
libbsd-dev \
|
||||
libedit-dev \
|
||||
libmd-dev
|
||||
|
||||
|
||||
##################################################################
|
||||
# Rust compillers
|
||||
|
@ -1,2 +1,14 @@
|
||||
NGINX_VERSION=latest
|
||||
NGINX_DOWNLOAD_URL=http://nginx.org/download/nginx-1.25.1.tar.gz
|
||||
NGINX_TAG=latest
|
||||
NGINX_VERSION=1.25.3
|
||||
NGINX_DOWNLOAD_URL=http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz
|
||||
|
||||
OPENSSL_VERSION=3.2.0
|
||||
OPENSSL_DOWNLOAD_URL=https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz
|
||||
|
||||
# PCRE source tarball
|
||||
PCRE_VERSION=10.42
|
||||
PCRE_DOWNLOAD_URL=https://github.com/PCRE2Project/pcre2/releases/download/pcre2-${PCRE_VERSION}/pcre2-${PCRE_VERSION}.tar.gz
|
||||
|
||||
# zlib source tarball
|
||||
ZLIB_VERSION=1.3
|
||||
ZLIB_DOWNLOAD_URL=https://zlib.net/fossils/zlib-${ZLIB_VERSION}.tar.gz
|
||||
|
@ -1,8 +1,3 @@
|
||||
##################################################################
|
||||
# Set Global ARG to build process
|
||||
##################################################################
|
||||
ARG NGINX_VERSION
|
||||
|
||||
##################################################################
|
||||
# Start build process
|
||||
##################################################################
|
||||
@ -10,6 +5,11 @@ FROM epicmorg/debian:bookworm-develop AS builder
|
||||
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
#RUN apt-get update && \
|
||||
# apt-get install -y --allow-unauthenticated \
|
||||
# libedit-dev \
|
||||
# libreadline-dev
|
||||
|
||||
##################################################################
|
||||
# ARGuments
|
||||
##################################################################
|
||||
@ -19,19 +19,77 @@ ARG SRC_DIR=${BUILDS_DIR}/src
|
||||
ARG EXPORT_DIR=${BUILDS_DIR}/export
|
||||
ARG PRE_DIR=${BUILDS_DIR}/pre
|
||||
ARG NGINX_SRC_DIR=${SRC_DIR}/nginx
|
||||
ARG NGINX_TAG
|
||||
ARG NGINX_VERSION
|
||||
ARG NGINX_DOWNLOAD_URL
|
||||
ARG OPENSSL_VERSION
|
||||
ARG OPENSSL_DOWNLOAD_URL
|
||||
ARG OPENSSL_SRC_DIR=${SRC_DIR}/openssl
|
||||
ARG PCRE_VERSION
|
||||
ARG PCRE_DOWNLOAD_URL
|
||||
ARG PCRE_SRC_DIR=${SRC_DIR}/pcre
|
||||
ARG ZLIB_VERSION
|
||||
ARG ZLIB_DOWNLOAD_URL
|
||||
ARG ZLIB_SRC_DIR=${SRC_DIR}/zlib
|
||||
ARG LUAJIT_INC=/usr/local/include/luajit-2.1
|
||||
ARG LUAJIT_LIB=/usr/local/lib
|
||||
|
||||
##################################################################
|
||||
# Files and folders
|
||||
##################################################################
|
||||
RUN mkdir -p ${PRE_DIR} ${NGINX_SRC_DIR} /usr/lib/nginx
|
||||
RUN mkdir -p ${PRE_DIR} ${NGINX_SRC_DIR} /usr/lib/nginx ${OPENSSL_SRC_DIR} ${PCRE_SRC_DIR}-temp ${ZLIB_SRC_DIR}
|
||||
ADD pre/luajit2-description-pak ${PRE_DIR}
|
||||
ADD pre/nginx-description-pak ${PRE_DIR}
|
||||
ADD pre/ip2location-description-pak ${PRE_DIR}
|
||||
|
||||
##################################################################
|
||||
# Files and folders
|
||||
##################################################################
|
||||
#RUN cd ${SRC_DIR} && \
|
||||
# openssl version && \
|
||||
# wget --no-check-certificate -nv --random-wait --retry-connrefused --continue ${OPENSSL_DOWNLOAD_URL} -P ${SRC_DIR} && \
|
||||
# tar --verbose -xzf ${SRC_DIR}/openssl-${OPENSSL_VERSION}.tar.gz --strip-components=1 -C ${OPENSSL_SRC_DIR} && \
|
||||
# cd ${OPENSSL_SRC_DIR} && \
|
||||
# ./configure \
|
||||
# --no-shared \
|
||||
# --enable-weak-ssl-ciphers \
|
||||
# --enable-ktls && \
|
||||
# make && \
|
||||
# make install && \
|
||||
# openssl version && \
|
||||
# rm -rfv ${SRC_DIR}/openssl-${OPENSSL_VERSION}.tar.gz
|
||||
|
||||
RUN cd ${SRC_DIR} && \
|
||||
wget --no-check-certificate -nv --random-wait --retry-connrefused --continue ${PCRE_DOWNLOAD_URL} -P ${SRC_DIR} && \
|
||||
tar --verbose -xzf ${SRC_DIR}/pcre2-${PCRE_VERSION}.tar.gz --strip-components=1 -C ${PCRE_SRC_DIR}-temp && \
|
||||
cp -rfv ${PCRE_SRC_DIR}-temp ${PCRE_SRC_DIR} && \
|
||||
rm -rf ${PCRE_SRC_DIR}-temp && \
|
||||
cd ${PCRE_SRC_DIR} && \
|
||||
./configure \
|
||||
--enable-shared \
|
||||
--enable-static \
|
||||
--enable-pcre2-16 \
|
||||
--enable-pcre2-32 \
|
||||
--enable-debug \
|
||||
--enable-jit \
|
||||
--enable-newline-is-anycrlf \
|
||||
--enable-pcre2grep-libz \
|
||||
--enable-pcre2grep-libbz2 \
|
||||
--enable-pcre2test-libedit \
|
||||
# --enable-pcre2test-libreadline \
|
||||
--enable-unicode-properties \
|
||||
--enable-unicode \
|
||||
# --enable-valgrind \
|
||||
--enable-fuzz-support && \
|
||||
make && \
|
||||
make install && \
|
||||
rm -rfv ${SRC_DIR}/pcre2-${PCRE_VERSION}.tar.gz
|
||||
|
||||
RUN cd ${SRC_DIR} && \
|
||||
wget --no-check-certificate -nv --random-wait --retry-connrefused --continue ${ZLIB_DOWNLOAD_URL} -P ${SRC_DIR} && \
|
||||
tar --verbose -xzf ${SRC_DIR}/zlib-${ZLIB_VERSION}.tar.gz --strip-components=1 -C ${ZLIB_SRC_DIR} && \
|
||||
rm -rfv ${SRC_DIR}/zlib-${ZLIB_VERSION}.tar.gz
|
||||
|
||||
##################################################################
|
||||
# IP2Location support for prod nginx module
|
||||
##################################################################
|
||||
@ -53,13 +111,13 @@ RUN cd ${SRC_DIR} && \
|
||||
make check && \
|
||||
ls -las && \
|
||||
fakeroot checkinstall -D --pakdir=${EXPORT_DIR} --maintainer="EpicMorg, developer@epicm.org" --pkgname=ip2-custom --conflicts=ip2 --install=yes -y && \
|
||||
# ln -s /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.3 /usr/lib/libIP2Location.so.3 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.4 /usr/lib/libIP2Location.so.4 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.5 /usr/lib/libIP2Location.so.5 && \
|
||||
ln -s /lib/x86_64-linux-gnu/libcrypto.so.1.1 /lib/x86_64-linux-gnu/libcrypto.so.1 && \
|
||||
# ln -sfv /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.3 /usr/lib/libIP2Location.so.3 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.4 /usr/lib/libIP2Location.so.4 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.5 /usr/lib/libIP2Location.so.5 && \
|
||||
ln -sfv /lib/x86_64-linux-gnu/libcrypto.so.1.1 /lib/x86_64-linux-gnu/libcrypto.so.1 && \
|
||||
dpkg --force-all -i ${EXPORT_DIR}/*.deb
|
||||
|
||||
##################################################################
|
||||
@ -73,6 +131,17 @@ RUN cd ${SRC_DIR} && \
|
||||
make install && \
|
||||
fakeroot checkinstall -D --pakdir=${EXPORT_DIR} --maintainer="EpicMorg, developer@epicm.org" --pkgname=luajit2-custom --conflicts=luajit2 --install=no -y
|
||||
|
||||
#RUN cd ${SRC_DIR} && \
|
||||
# git clone https://gitlab.gnome.org/GNOME/libxml2.git libxml2-src && \
|
||||
# cd ${SRC_DIR}/libxml2-src && \
|
||||
# ./autogen.sh --prefix=/usr && \
|
||||
# make && \
|
||||
# make install&& \
|
||||
# git clone https://gitlab.gnome.org/GNOME/libxslt.git libxslt-src && \
|
||||
# ./autogen.sh --prefix=/usr && \
|
||||
# make && \
|
||||
# make install
|
||||
|
||||
##################################################################
|
||||
# nginx preparing
|
||||
##################################################################
|
||||
@ -130,8 +199,14 @@ RUN cd ${NGINX_SRC_DIR} && \
|
||||
--http-proxy-temp-path=/var/lib/nginx/proxy \
|
||||
--http-scgi-temp-path=/var/lib/nginx/scgi \
|
||||
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
|
||||
--with-cc-opt='-I/usr/local/include/luajit-2.1 -g -O2 -lz -fstack-protector-strong -Wformat -Wno-error=date-time -Wno-error=implicit-fallthrough= -Wno-error=cast-function-type -Wno-error=format-security -Wno-error=implicit-function-declaration -Wno-error=deprecated-declarations -Wno-error=unused-result -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' \
|
||||
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -lz -fPIC -L/usr/local/lib' \
|
||||
--with-cc-opt='-I/usr/local/include/luajit-2.1 -I/builds/src/openssl/include -g -O2 -lz -fstack-protector-strong -Wformat -Wno-error=date-time -Wno-error=implicit-fallthrough= -Wno-error=cast-function-type -Wno-error=format-security -Wno-error=implicit-function-declaration -Wno-error=deprecated-declarations -Wno-error=unused-result -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' \
|
||||
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -lz -fPIC -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' \
|
||||
# --with-openssl \
|
||||
--with-openssl-opt='no-shared enable-weak-ssl-ciphers enable-ktls' \
|
||||
--with-pcre \
|
||||
# --with-pcre=/builds/src/pcre \
|
||||
--with-pcre-opt='--enable-shared --enable-static --enable-pcre2-16 --enable-pcre2-32 --enable-debug --enable-jit --enable-newline-is-anycrlf --enable-pcre2grep-libz --enable-pcre2grep-libbz2 --enable-pcre2test-libedit --enable-unicode-properties --enable-unicode --enable-fuzz-support' \
|
||||
--with-zlib=/builds/src/zlib \
|
||||
--with-file-aio \
|
||||
--with-compat \
|
||||
--with-debug \
|
||||
@ -155,7 +230,7 @@ RUN cd ${NGINX_SRC_DIR} && \
|
||||
--with-http_random_index_module \
|
||||
--with-http_secure_link_module \
|
||||
--with-http_sub_module \
|
||||
--with-http_xslt_module=dynamic \
|
||||
--with-http_xslt_module \
|
||||
--with-mail=dynamic \
|
||||
--with-mail_ssl_module \
|
||||
--with-stream=dynamic \
|
||||
@ -210,47 +285,49 @@ RUN echo "TLS_REQCERT never" >> /etc/ldap/ldap.conf
|
||||
##################################################################
|
||||
# Installing nginx from deb
|
||||
##################################################################
|
||||
ADD pre/ngninx.pre.tar.gz /
|
||||
COPY pre/ngninx.pre.tar.gz /tmp/ngninx.pre.tar.gz
|
||||
COPY ./pre/nginx-pre /tmp/nginx-pre
|
||||
COPY --from=builder /builds/export /tmp/deb
|
||||
RUN apt-get update && \
|
||||
|
||||
RUN cp -rfv /tmp/nginx-pre/* / && \
|
||||
apt-get update && \
|
||||
apt-get install -y --allow-unauthenticated \
|
||||
geoip-database \
|
||||
geoip-bin \
|
||||
libgeoip1 \
|
||||
libxml2 \
|
||||
libxml2-utils \
|
||||
libmaxminddb0 \
|
||||
libgd3 \
|
||||
libxslt1.1 && \
|
||||
dpkg --force-all -i /tmp/deb/*.deb && \
|
||||
mkdir -p /opt/nginx/install && \
|
||||
cp /tmp/deb/*.deb /opt/nginx/install/ && \
|
||||
cp /tmp/ngninx.pre.tar.gz /opt/nginx/install/ && \
|
||||
ln -s /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.3 /usr/lib/libIP2Location.so.3 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.4 /usr/lib/libIP2Location.so.4 && \
|
||||
ln -s /usr/local/lib/libIP2Location.so.5 /usr/lib/libIP2Location.so.5 && \
|
||||
ln -s /lib/x86_64-linux-gnu/libcrypto.so.1.1 /lib/x86_64-linux-gnu/libcrypto.so.1 && \
|
||||
ln -sf /dev/stdout /var/log/nginx/access.log && \
|
||||
ln -sf /dev/stderr /var/log/nginx/error.log && \
|
||||
ln -sf /etc/ssl/dhparam.pem /etc/nginx/dhparam.pem && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.3 /usr/lib/libIP2Location.so.3 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.4 /usr/lib/libIP2Location.so.4 && \
|
||||
ln -sfv /usr/local/lib/libIP2Location.so.5 /usr/lib/libIP2Location.so.5 && \
|
||||
ln -sfv /lib/x86_64-linux-gnu/libcrypto.so.1.1 /lib/x86_64-linux-gnu/libcrypto.so.1 && \
|
||||
ln -sfv /dev/stdout /var/log/nginx/access.log && \
|
||||
ln -sfv /dev/stderr /var/log/nginx/error.log && \
|
||||
ln -sfv /etc/ssl/dhparam.pem /etc/nginx/dhparam.pem && \
|
||||
apt clean -y && \
|
||||
apt autoclean -y && \
|
||||
rm -rf /var/lib/apt/lists/* && \
|
||||
rm -rf /var/cache/apt/archives/*.deb && \
|
||||
rm -rf /tmp/* && \
|
||||
rm -rf /builds/* && \
|
||||
rm -rf /valve/* && \
|
||||
rm -rfv /var/lib/apt/lists/* && \
|
||||
rm -rfv /var/cache/apt/archives/*.deb && \
|
||||
rm -rfv /tmp/* && \
|
||||
rm -rfv /builds/* && \
|
||||
rm -rfv /valve/* && \
|
||||
rm -rfv /builds && \
|
||||
rm -rfv /valve
|
||||
|
||||
RUN nginx -V
|
||||
|
||||
#healthcheck. good practice
|
||||
HEALTHCHECK --interval=2m --timeout=3s CMD curl -f http://localhost:80/ || exit 1
|
||||
|
||||
# Add image configuration and scripts
|
||||
COPY docker-entrypoint.sh /usr/bin/docker-entrypoint.sh
|
||||
RUN chmod 755 /usr/bin/docker-entrypoint.sh
|
||||
COPY ./docker-entrypoint.sh /usr/bin/docker-entrypoint.sh
|
||||
RUN chmod +x /usr/bin/docker-entrypoint.sh
|
||||
|
||||
#Final config
|
||||
VOLUME ["/var/cache/nginx"]
|
||||
|
@ -6,7 +6,7 @@ app:
|
||||
make clean
|
||||
|
||||
build:
|
||||
docker-compose build --compress --parallel --progress plain
|
||||
docker-compose build --compress --progress plain
|
||||
|
||||
deploy:
|
||||
docker-compose push
|
||||
|
@ -1,9 +1,16 @@
|
||||
version: '3.9'
|
||||
services:
|
||||
app:
|
||||
image: "epicmorg/nginx:${NGINX_VERSION}"
|
||||
image: "epicmorg/nginx:${NGINX_TAG}"
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
NGINX_TAG: latest
|
||||
NGINX_VERSION: ${NGINX_VERSION}
|
||||
NGINX_DOWNLOAD_URL: ${NGINX_DOWNLOAD_URL}
|
||||
OPENSSL_VERSION: ${OPENSSL_VERSION}
|
||||
OPENSSL_DOWNLOAD_URL: ${OPENSSL_DOWNLOAD_URL}
|
||||
PCRE_VERSION: ${PCRE_VERSION}
|
||||
PCRE_DOWNLOAD_URL: ${PCRE_DOWNLOAD_URL}
|
||||
ZLIB_VERSION: ${ZLIB_VERSION}
|
||||
ZLIB_DOWNLOAD_URL: ${ZLIB_DOWNLOAD_URL}
|
||||
|
@ -0,0 +1,10 @@
|
||||
# Note: You may want to look at the following page before setting the ULIMIT.
|
||||
# http://wiki.nginx.org/CoreModule#worker_rlimit_nofile
|
||||
# Set the ulimit variable if you need defaults to change.
|
||||
# Example: ULIMIT="-n 4096"
|
||||
#ULIMIT="-n 4096"
|
||||
|
||||
# Define the stop schedule for nginx
|
||||
# see the start-stop-daemon --retry documentation for more information
|
||||
#
|
||||
#STOP_SCHEDULE="QUIT/5/TERM/5/KILL/5"
|
196
linux/ecosystem/nginx/latest/mainline/main/pre/nginx-pre/etc/init.d/nginx
Executable file
196
linux/ecosystem/nginx/latest/mainline/main/pre/nginx-pre/etc/init.d/nginx
Executable file
@ -0,0 +1,196 @@
|
||||
#!/bin/sh
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: nginx
|
||||
# Required-Start: $local_fs $remote_fs $network $syslog $named
|
||||
# Required-Stop: $local_fs $remote_fs $network $syslog $named
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: starts the nginx web server
|
||||
# Description: starts nginx using start-stop-daemon
|
||||
### END INIT INFO
|
||||
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
DAEMON=/usr/sbin/nginx
|
||||
NAME=nginx
|
||||
DESC=nginx
|
||||
|
||||
# Include nginx defaults if available
|
||||
if [ -r /etc/default/nginx ]; then
|
||||
. /etc/default/nginx
|
||||
fi
|
||||
|
||||
STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"
|
||||
|
||||
test -x $DAEMON || exit 0
|
||||
|
||||
. /lib/init/vars.sh
|
||||
. /lib/lsb/init-functions
|
||||
|
||||
# Try to extract nginx pidfile
|
||||
PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
|
||||
if [ -z "$PID" ]; then
|
||||
PID=/run/nginx.pid
|
||||
fi
|
||||
|
||||
if [ -n "$ULIMIT" ]; then
|
||||
# Set ulimit if it is set in /etc/default/nginx
|
||||
ulimit $ULIMIT
|
||||
fi
|
||||
|
||||
start_nginx() {
|
||||
# Start the daemon/service
|
||||
#
|
||||
# Returns:
|
||||
# 0 if daemon has been started
|
||||
# 1 if daemon was already running
|
||||
# 2 if daemon could not be started
|
||||
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
|
||||
|| return 1
|
||||
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
|
||||
$DAEMON_OPTS 2>/dev/null \
|
||||
|| return 2
|
||||
}
|
||||
|
||||
test_config() {
|
||||
# Test the nginx configuration
|
||||
$DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
|
||||
}
|
||||
|
||||
stop_nginx() {
|
||||
# Stops the daemon/service
|
||||
#
|
||||
# Return
|
||||
# 0 if daemon has been stopped
|
||||
# 1 if daemon was already stopped
|
||||
# 2 if daemon could not be stopped
|
||||
# other if a failure occurred
|
||||
start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
|
||||
RETVAL="$?"
|
||||
sleep 1
|
||||
return "$RETVAL"
|
||||
}
|
||||
|
||||
reload_nginx() {
|
||||
# Function that sends a SIGHUP to the daemon/service
|
||||
start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
|
||||
return 0
|
||||
}
|
||||
|
||||
rotate_logs() {
|
||||
# Rotate log files
|
||||
start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
|
||||
return 0
|
||||
}
|
||||
|
||||
upgrade_nginx() {
|
||||
# Online upgrade nginx executable
|
||||
# http://nginx.org/en/docs/control.html
|
||||
#
|
||||
# Return
|
||||
# 0 if nginx has been successfully upgraded
|
||||
# 1 if nginx is not running
|
||||
# 2 if the pid files were not created on time
|
||||
# 3 if the old master could not be killed
|
||||
if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
|
||||
# Wait for both old and new master to write their pid file
|
||||
while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
|
||||
cnt=`expr $cnt + 1`
|
||||
if [ $cnt -gt 10 ]; then
|
||||
return 2
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
# Everything is ready, gracefully stop the old master
|
||||
if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
|
||||
return 0
|
||||
else
|
||||
return 3
|
||||
fi
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
log_daemon_msg "Starting $DESC" "$NAME"
|
||||
start_nginx
|
||||
case "$?" in
|
||||
0|1) log_end_msg 0 ;;
|
||||
2) log_end_msg 1 ;;
|
||||
esac
|
||||
;;
|
||||
stop)
|
||||
log_daemon_msg "Stopping $DESC" "$NAME"
|
||||
stop_nginx
|
||||
case "$?" in
|
||||
0|1) log_end_msg 0 ;;
|
||||
2) log_end_msg 1 ;;
|
||||
esac
|
||||
;;
|
||||
restart)
|
||||
log_daemon_msg "Restarting $DESC" "$NAME"
|
||||
|
||||
# Check configuration before stopping nginx
|
||||
if ! test_config; then
|
||||
log_end_msg 1 # Configuration error
|
||||
exit $?
|
||||
fi
|
||||
|
||||
stop_nginx
|
||||
case "$?" in
|
||||
0|1)
|
||||
start_nginx
|
||||
case "$?" in
|
||||
0) log_end_msg 0 ;;
|
||||
1) log_end_msg 1 ;; # Old process is still running
|
||||
*) log_end_msg 1 ;; # Failed to start
|
||||
esac
|
||||
;;
|
||||
*)
|
||||
# Failed to stop
|
||||
log_end_msg 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
reload|force-reload)
|
||||
log_daemon_msg "Reloading $DESC configuration" "$NAME"
|
||||
|
||||
# Check configuration before stopping nginx
|
||||
#
|
||||
# This is not entirely correct since the on-disk nginx binary
|
||||
# may differ from the in-memory one, but that's not common.
|
||||
# We prefer to check the configuration and return an error
|
||||
# to the administrator.
|
||||
if ! test_config; then
|
||||
log_end_msg 1 # Configuration error
|
||||
exit $?
|
||||
fi
|
||||
|
||||
reload_nginx
|
||||
log_end_msg $?
|
||||
;;
|
||||
configtest|testconfig)
|
||||
log_daemon_msg "Testing $DESC configuration"
|
||||
test_config
|
||||
log_end_msg $?
|
||||
;;
|
||||
status)
|
||||
status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
|
||||
;;
|
||||
upgrade)
|
||||
log_daemon_msg "Upgrading binary" "$NAME"
|
||||
upgrade_nginx
|
||||
log_end_msg $?
|
||||
;;
|
||||
rotate)
|
||||
log_daemon_msg "Re-opening $DESC log files" "$NAME"
|
||||
rotate_logs
|
||||
log_end_msg $?
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
|
||||
exit 3
|
||||
;;
|
||||
esac
|
@ -0,0 +1,18 @@
|
||||
/var/log/nginx/*.log {
|
||||
daily
|
||||
missingok
|
||||
rotate 14
|
||||
compress
|
||||
delaycompress
|
||||
notifempty
|
||||
create 0640 www-data adm
|
||||
sharedscripts
|
||||
prerotate
|
||||
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
|
||||
run-parts /etc/logrotate.d/httpd-prerotate; \
|
||||
fi \
|
||||
endscript
|
||||
postrotate
|
||||
invoke-rc.d nginx rotate >/dev/null 2>&1
|
||||
endscript
|
||||
}
|
@ -0,0 +1,26 @@
|
||||
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param QUERY_STRING $query_string;
|
||||
fastcgi_param REQUEST_METHOD $request_method;
|
||||
fastcgi_param CONTENT_TYPE $content_type;
|
||||
fastcgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
||||
fastcgi_param REQUEST_URI $request_uri;
|
||||
fastcgi_param DOCUMENT_URI $document_uri;
|
||||
fastcgi_param DOCUMENT_ROOT $document_root;
|
||||
fastcgi_param SERVER_PROTOCOL $server_protocol;
|
||||
fastcgi_param REQUEST_SCHEME $scheme;
|
||||
fastcgi_param HTTPS $https if_not_empty;
|
||||
|
||||
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
|
||||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
||||
|
||||
fastcgi_param REMOTE_ADDR $remote_addr;
|
||||
fastcgi_param REMOTE_PORT $remote_port;
|
||||
fastcgi_param SERVER_ADDR $server_addr;
|
||||
fastcgi_param SERVER_PORT $server_port;
|
||||
fastcgi_param SERVER_NAME $server_name;
|
||||
|
||||
# PHP only, required if PHP was built with --enable-force-cgi-redirect
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
@ -0,0 +1,25 @@
|
||||
|
||||
fastcgi_param QUERY_STRING $query_string;
|
||||
fastcgi_param REQUEST_METHOD $request_method;
|
||||
fastcgi_param CONTENT_TYPE $content_type;
|
||||
fastcgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
||||
fastcgi_param REQUEST_URI $request_uri;
|
||||
fastcgi_param DOCUMENT_URI $document_uri;
|
||||
fastcgi_param DOCUMENT_ROOT $document_root;
|
||||
fastcgi_param SERVER_PROTOCOL $server_protocol;
|
||||
fastcgi_param REQUEST_SCHEME $scheme;
|
||||
fastcgi_param HTTPS $https if_not_empty;
|
||||
|
||||
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
|
||||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
||||
|
||||
fastcgi_param REMOTE_ADDR $remote_addr;
|
||||
fastcgi_param REMOTE_PORT $remote_port;
|
||||
fastcgi_param SERVER_ADDR $server_addr;
|
||||
fastcgi_param SERVER_PORT $server_port;
|
||||
fastcgi_param SERVER_NAME $server_name;
|
||||
|
||||
# PHP only, required if PHP was built with --enable-force-cgi-redirect
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
@ -0,0 +1,109 @@
|
||||
|
||||
# This map is not a full koi8-r <> utf8 map: it does not contain
|
||||
# box-drawing and some other characters. Besides this map contains
|
||||
# several koi8-u and Byelorussian letters which are not in koi8-r.
|
||||
# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
|
||||
# map instead.
|
||||
|
||||
charset_map koi8-r utf-8 {
|
||||
|
||||
80 E282AC ; # euro
|
||||
|
||||
95 E280A2 ; # bullet
|
||||
|
||||
9A C2A0 ; #
|
||||
|
||||
9E C2B7 ; # ·
|
||||
|
||||
A3 D191 ; # small yo
|
||||
A4 D194 ; # small Ukrainian ye
|
||||
|
||||
A6 D196 ; # small Ukrainian i
|
||||
A7 D197 ; # small Ukrainian yi
|
||||
|
||||
AD D291 ; # small Ukrainian soft g
|
||||
AE D19E ; # small Byelorussian short u
|
||||
|
||||
B0 C2B0 ; # °
|
||||
|
||||
B3 D081 ; # capital YO
|
||||
B4 D084 ; # capital Ukrainian YE
|
||||
|
||||
B6 D086 ; # capital Ukrainian I
|
||||
B7 D087 ; # capital Ukrainian YI
|
||||
|
||||
B9 E28496 ; # numero sign
|
||||
|
||||
BD D290 ; # capital Ukrainian soft G
|
||||
BE D18E ; # capital Byelorussian short U
|
||||
|
||||
BF C2A9 ; # (C)
|
||||
|
||||
C0 D18E ; # small yu
|
||||
C1 D0B0 ; # small a
|
||||
C2 D0B1 ; # small b
|
||||
C3 D186 ; # small ts
|
||||
C4 D0B4 ; # small d
|
||||
C5 D0B5 ; # small ye
|
||||
C6 D184 ; # small f
|
||||
C7 D0B3 ; # small g
|
||||
C8 D185 ; # small kh
|
||||
C9 D0B8 ; # small i
|
||||
CA D0B9 ; # small j
|
||||
CB D0BA ; # small k
|
||||
CC D0BB ; # small l
|
||||
CD D0BC ; # small m
|
||||
CE D0BD ; # small n
|
||||
CF D0BE ; # small o
|
||||
|
||||
D0 D0BF ; # small p
|
||||
D1 D18F ; # small ya
|
||||
D2 D180 ; # small r
|
||||
D3 D181 ; # small s
|
||||
D4 D182 ; # small t
|
||||
D5 D183 ; # small u
|
||||
D6 D0B6 ; # small zh
|
||||
D7 D0B2 ; # small v
|
||||
D8 D18C ; # small soft sign
|
||||
D9 D18B ; # small y
|
||||
DA D0B7 ; # small z
|
||||
DB D188 ; # small sh
|
||||
DC D18D ; # small e
|
||||
DD D189 ; # small shch
|
||||
DE D187 ; # small ch
|
||||
DF D18A ; # small hard sign
|
||||
|
||||
E0 D0AE ; # capital YU
|
||||
E1 D090 ; # capital A
|
||||
E2 D091 ; # capital B
|
||||
E3 D0A6 ; # capital TS
|
||||
E4 D094 ; # capital D
|
||||
E5 D095 ; # capital YE
|
||||
E6 D0A4 ; # capital F
|
||||
E7 D093 ; # capital G
|
||||
E8 D0A5 ; # capital KH
|
||||
E9 D098 ; # capital I
|
||||
EA D099 ; # capital J
|
||||
EB D09A ; # capital K
|
||||
EC D09B ; # capital L
|
||||
ED D09C ; # capital M
|
||||
EE D09D ; # capital N
|
||||
EF D09E ; # capital O
|
||||
|
||||
F0 D09F ; # capital P
|
||||
F1 D0AF ; # capital YA
|
||||
F2 D0A0 ; # capital R
|
||||
F3 D0A1 ; # capital S
|
||||
F4 D0A2 ; # capital T
|
||||
F5 D0A3 ; # capital U
|
||||
F6 D096 ; # capital ZH
|
||||
F7 D092 ; # capital V
|
||||
F8 D0AC ; # capital soft sign
|
||||
F9 D0AB ; # capital Y
|
||||
FA D097 ; # capital Z
|
||||
FB D0A8 ; # capital SH
|
||||
FC D0AD ; # capital E
|
||||
FD D0A9 ; # capital SHCH
|
||||
FE D0A7 ; # capital CH
|
||||
FF D0AA ; # capital hard sign
|
||||
}
|
@ -0,0 +1,103 @@
|
||||
|
||||
charset_map koi8-r windows-1251 {
|
||||
|
||||
80 88 ; # euro
|
||||
|
||||
95 95 ; # bullet
|
||||
|
||||
9A A0 ; #
|
||||
|
||||
9E B7 ; # ·
|
||||
|
||||
A3 B8 ; # small yo
|
||||
A4 BA ; # small Ukrainian ye
|
||||
|
||||
A6 B3 ; # small Ukrainian i
|
||||
A7 BF ; # small Ukrainian yi
|
||||
|
||||
AD B4 ; # small Ukrainian soft g
|
||||
AE A2 ; # small Byelorussian short u
|
||||
|
||||
B0 B0 ; # °
|
||||
|
||||
B3 A8 ; # capital YO
|
||||
B4 AA ; # capital Ukrainian YE
|
||||
|
||||
B6 B2 ; # capital Ukrainian I
|
||||
B7 AF ; # capital Ukrainian YI
|
||||
|
||||
B9 B9 ; # numero sign
|
||||
|
||||
BD A5 ; # capital Ukrainian soft G
|
||||
BE A1 ; # capital Byelorussian short U
|
||||
|
||||
BF A9 ; # (C)
|
||||
|
||||
C0 FE ; # small yu
|
||||
C1 E0 ; # small a
|
||||
C2 E1 ; # small b
|
||||
C3 F6 ; # small ts
|
||||
C4 E4 ; # small d
|
||||
C5 E5 ; # small ye
|
||||
C6 F4 ; # small f
|
||||
C7 E3 ; # small g
|
||||
C8 F5 ; # small kh
|
||||
C9 E8 ; # small i
|
||||
CA E9 ; # small j
|
||||
CB EA ; # small k
|
||||
CC EB ; # small l
|
||||
CD EC ; # small m
|
||||
CE ED ; # small n
|
||||
CF EE ; # small o
|
||||
|
||||
D0 EF ; # small p
|
||||
D1 FF ; # small ya
|
||||
D2 F0 ; # small r
|
||||
D3 F1 ; # small s
|
||||
D4 F2 ; # small t
|
||||
D5 F3 ; # small u
|
||||
D6 E6 ; # small zh
|
||||
D7 E2 ; # small v
|
||||
D8 FC ; # small soft sign
|
||||
D9 FB ; # small y
|
||||
DA E7 ; # small z
|
||||
DB F8 ; # small sh
|
||||
DC FD ; # small e
|
||||
DD F9 ; # small shch
|
||||
DE F7 ; # small ch
|
||||
DF FA ; # small hard sign
|
||||
|
||||
E0 DE ; # capital YU
|
||||
E1 C0 ; # capital A
|
||||
E2 C1 ; # capital B
|
||||
E3 D6 ; # capital TS
|
||||
E4 C4 ; # capital D
|
||||
E5 C5 ; # capital YE
|
||||
E6 D4 ; # capital F
|
||||
E7 C3 ; # capital G
|
||||
E8 D5 ; # capital KH
|
||||
E9 C8 ; # capital I
|
||||
EA C9 ; # capital J
|
||||
EB CA ; # capital K
|
||||
EC CB ; # capital L
|
||||
ED CC ; # capital M
|
||||
EE CD ; # capital N
|
||||
EF CE ; # capital O
|
||||
|
||||
F0 CF ; # capital P
|
||||
F1 DF ; # capital YA
|
||||
F2 D0 ; # capital R
|
||||
F3 D1 ; # capital S
|
||||
F4 D2 ; # capital T
|
||||
F5 D3 ; # capital U
|
||||
F6 C6 ; # capital ZH
|
||||
F7 C2 ; # capital V
|
||||
F8 DC ; # capital soft sign
|
||||
F9 DB ; # capital Y
|
||||
FA C7 ; # capital Z
|
||||
FB D8 ; # capital SH
|
||||
FC DD ; # capital E
|
||||
FD D9 ; # capital SHCH
|
||||
FE D7 ; # capital CH
|
||||
FF DA ; # capital hard sign
|
||||
}
|
@ -0,0 +1,89 @@
|
||||
|
||||
types {
|
||||
text/html html htm shtml;
|
||||
text/css css;
|
||||
text/xml xml;
|
||||
image/gif gif;
|
||||
image/jpeg jpeg jpg;
|
||||
application/javascript js;
|
||||
application/atom+xml atom;
|
||||
application/rss+xml rss;
|
||||
|
||||
text/mathml mml;
|
||||
text/plain txt;
|
||||
text/vnd.sun.j2me.app-descriptor jad;
|
||||
text/vnd.wap.wml wml;
|
||||
text/x-component htc;
|
||||
|
||||
image/png png;
|
||||
image/tiff tif tiff;
|
||||
image/vnd.wap.wbmp wbmp;
|
||||
image/x-icon ico;
|
||||
image/x-jng jng;
|
||||
image/x-ms-bmp bmp;
|
||||
image/svg+xml svg svgz;
|
||||
image/webp webp;
|
||||
|
||||
application/font-woff woff;
|
||||
application/java-archive jar war ear;
|
||||
application/json json;
|
||||
application/mac-binhex40 hqx;
|
||||
application/msword doc;
|
||||
application/pdf pdf;
|
||||
application/postscript ps eps ai;
|
||||
application/rtf rtf;
|
||||
application/vnd.apple.mpegurl m3u8;
|
||||
application/vnd.ms-excel xls;
|
||||
application/vnd.ms-fontobject eot;
|
||||
application/vnd.ms-powerpoint ppt;
|
||||
application/vnd.wap.wmlc wmlc;
|
||||
application/vnd.google-earth.kml+xml kml;
|
||||
application/vnd.google-earth.kmz kmz;
|
||||
application/x-7z-compressed 7z;
|
||||
application/x-cocoa cco;
|
||||
application/x-java-archive-diff jardiff;
|
||||
application/x-java-jnlp-file jnlp;
|
||||
application/x-makeself run;
|
||||
application/x-perl pl pm;
|
||||
application/x-pilot prc pdb;
|
||||
application/x-rar-compressed rar;
|
||||
application/x-redhat-package-manager rpm;
|
||||
application/x-sea sea;
|
||||
application/x-shockwave-flash swf;
|
||||
application/x-stuffit sit;
|
||||
application/x-tcl tcl tk;
|
||||
application/x-x509-ca-cert der pem crt;
|
||||
application/x-xpinstall xpi;
|
||||
application/xhtml+xml xhtml;
|
||||
application/xspf+xml xspf;
|
||||
application/zip zip;
|
||||
|
||||
application/octet-stream bin exe dll;
|
||||
application/octet-stream deb;
|
||||
application/octet-stream dmg;
|
||||
application/octet-stream iso img;
|
||||
application/octet-stream msi msp msm;
|
||||
|
||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
||||
|
||||
audio/midi mid midi kar;
|
||||
audio/mpeg mp3;
|
||||
audio/ogg ogg;
|
||||
audio/x-m4a m4a;
|
||||
audio/x-realaudio ra;
|
||||
|
||||
video/3gpp 3gpp 3gp;
|
||||
video/mp2t ts;
|
||||
video/mp4 mp4;
|
||||
video/mpeg mpeg mpg;
|
||||
video/quicktime mov;
|
||||
video/webm webm;
|
||||
video/x-flv flv;
|
||||
video/x-m4v m4v;
|
||||
video/x-mng mng;
|
||||
video/x-ms-asf asx asf;
|
||||
video/x-ms-wmv wmv;
|
||||
video/x-msvideo avi;
|
||||
}
|
@ -0,0 +1,85 @@
|
||||
user www-data;
|
||||
worker_processes auto;
|
||||
pid /run/nginx.pid;
|
||||
include /etc/nginx/modules-enabled/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 768;
|
||||
# multi_accept on;
|
||||
}
|
||||
|
||||
http {
|
||||
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
# server_tokens off;
|
||||
|
||||
# server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
##
|
||||
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
|
||||
gzip on;
|
||||
|
||||
# gzip_vary on;
|
||||
# gzip_proxied any;
|
||||
# gzip_comp_level 6;
|
||||
# gzip_buffers 16 8k;
|
||||
# gzip_http_version 1.1;
|
||||
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||
|
||||
##
|
||||
# Virtual Host Configs
|
||||
##
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
||||
|
||||
|
||||
#mail {
|
||||
# # See sample authentication script at:
|
||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
||||
#
|
||||
# # auth_http localhost/auth.php;
|
||||
# # pop3_capabilities "TOP" "USER";
|
||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
||||
#
|
||||
# server {
|
||||
# listen localhost:110;
|
||||
# protocol pop3;
|
||||
# proxy on;
|
||||
# }
|
||||
#
|
||||
# server {
|
||||
# listen localhost:143;
|
||||
# protocol imap;
|
||||
# proxy on;
|
||||
# }
|
||||
#}
|
@ -0,0 +1,4 @@
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
@ -0,0 +1,17 @@
|
||||
|
||||
scgi_param REQUEST_METHOD $request_method;
|
||||
scgi_param REQUEST_URI $request_uri;
|
||||
scgi_param QUERY_STRING $query_string;
|
||||
scgi_param CONTENT_TYPE $content_type;
|
||||
|
||||
scgi_param DOCUMENT_URI $document_uri;
|
||||
scgi_param DOCUMENT_ROOT $document_root;
|
||||
scgi_param SCGI 1;
|
||||
scgi_param SERVER_PROTOCOL $server_protocol;
|
||||
scgi_param REQUEST_SCHEME $scheme;
|
||||
scgi_param HTTPS $https if_not_empty;
|
||||
|
||||
scgi_param REMOTE_ADDR $remote_addr;
|
||||
scgi_param REMOTE_PORT $remote_port;
|
||||
scgi_param SERVER_PORT $server_port;
|
||||
scgi_param SERVER_NAME $server_name;
|
@ -0,0 +1,91 @@
|
||||
##
|
||||
# You should look at the following URL's in order to grasp a solid understanding
|
||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
||||
# https://www.nginx.com/resources/wiki/start/
|
||||
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
|
||||
# https://wiki.debian.org/Nginx/DirectoryStructure
|
||||
#
|
||||
# In most cases, administrators will remove this file from sites-enabled/ and
|
||||
# leave it as reference inside of sites-available where it will continue to be
|
||||
# updated by the nginx packaging team.
|
||||
#
|
||||
# This file will automatically load configuration files provided by other
|
||||
# applications, such as Drupal or Wordpress. These applications will be made
|
||||
# available underneath a path with that package name, such as /drupal8.
|
||||
#
|
||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
||||
##
|
||||
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# SSL configuration
|
||||
#
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server;
|
||||
#
|
||||
# Note: You should disable gzip for SSL traffic.
|
||||
# See: https://bugs.debian.org/773332
|
||||
#
|
||||
# Read up on ssl_ciphers to ensure a secure configuration.
|
||||
# See: https://bugs.debian.org/765782
|
||||
#
|
||||
# Self signed certs generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
#
|
||||
# include snippets/snakeoil.conf;
|
||||
|
||||
root /var/www/html;
|
||||
|
||||
# Add index.php to the list if you are using PHP
|
||||
index index.html index.htm index.nginx-debian.html;
|
||||
|
||||
server_name _;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# pass PHP scripts to FastCGI server
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# include snippets/fastcgi-php.conf;
|
||||
#
|
||||
# # With php-fpm (or other unix sockets):
|
||||
# fastcgi_pass unix:/run/php/php7.3-fpm.sock;
|
||||
# # With php-cgi (or other tcp sockets):
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
||||
|
||||
|
||||
# Virtual Host configuration for example.com
|
||||
#
|
||||
# You can move that to a different file under sites-available/ and symlink that
|
||||
# to sites-enabled/ to enable it.
|
||||
#
|
||||
#server {
|
||||
# listen 80;
|
||||
# listen [::]:80;
|
||||
#
|
||||
# server_name example.com;
|
||||
#
|
||||
# root /var/www/example.com;
|
||||
# index index.html;
|
||||
#
|
||||
# location / {
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
#}
|
@ -0,0 +1,13 @@
|
||||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
|
||||
# Check that the PHP script exists before passing it
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
# Bypass the fact that try_files resets $fastcgi_path_info
|
||||
# see: http://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi.conf;
|
@ -0,0 +1,5 @@
|
||||
# Self signed certificates generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
|
||||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
|
||||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
|
@ -0,0 +1,17 @@
|
||||
|
||||
uwsgi_param QUERY_STRING $query_string;
|
||||
uwsgi_param REQUEST_METHOD $request_method;
|
||||
uwsgi_param CONTENT_TYPE $content_type;
|
||||
uwsgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
uwsgi_param REQUEST_URI $request_uri;
|
||||
uwsgi_param PATH_INFO $document_uri;
|
||||
uwsgi_param DOCUMENT_ROOT $document_root;
|
||||
uwsgi_param SERVER_PROTOCOL $server_protocol;
|
||||
uwsgi_param REQUEST_SCHEME $scheme;
|
||||
uwsgi_param HTTPS $https if_not_empty;
|
||||
|
||||
uwsgi_param REMOTE_ADDR $remote_addr;
|
||||
uwsgi_param REMOTE_PORT $remote_port;
|
||||
uwsgi_param SERVER_PORT $server_port;
|
||||
uwsgi_param SERVER_NAME $server_name;
|
@ -0,0 +1,125 @@
|
||||
# This map is not a full windows-1251 <> utf8 map: it does not
|
||||
# contain Serbian and Macedonian letters. If you need a full map,
|
||||
# use contrib/unicode2nginx/win-utf map instead.
|
||||
|
||||
charset_map windows-1251 utf-8 {
|
||||
|
||||
82 E2809A; # single low-9 quotation mark
|
||||
|
||||
84 E2809E; # double low-9 quotation mark
|
||||
85 E280A6; # ellipsis
|
||||
86 E280A0; # dagger
|
||||
87 E280A1; # double dagger
|
||||
88 E282AC; # euro
|
||||
89 E280B0; # per mille
|
||||
|
||||
91 E28098; # left single quotation mark
|
||||
92 E28099; # right single quotation mark
|
||||
93 E2809C; # left double quotation mark
|
||||
94 E2809D; # right double quotation mark
|
||||
95 E280A2; # bullet
|
||||
96 E28093; # en dash
|
||||
97 E28094; # em dash
|
||||
|
||||
99 E284A2; # trade mark sign
|
||||
|
||||
A0 C2A0; #
|
||||
A1 D18E; # capital Byelorussian short U
|
||||
A2 D19E; # small Byelorussian short u
|
||||
|
||||
A4 C2A4; # currency sign
|
||||
A5 D290; # capital Ukrainian soft G
|
||||
A6 C2A6; # borken bar
|
||||
A7 C2A7; # section sign
|
||||
A8 D081; # capital YO
|
||||
A9 C2A9; # (C)
|
||||
AA D084; # capital Ukrainian YE
|
||||
AB C2AB; # left-pointing double angle quotation mark
|
||||
AC C2AC; # not sign
|
||||
AD C2AD; # soft hypen
|
||||
AE C2AE; # (R)
|
||||
AF D087; # capital Ukrainian YI
|
||||
|
||||
B0 C2B0; # °
|
||||
B1 C2B1; # plus-minus sign
|
||||
B2 D086; # capital Ukrainian I
|
||||
B3 D196; # small Ukrainian i
|
||||
B4 D291; # small Ukrainian soft g
|
||||
B5 C2B5; # micro sign
|
||||
B6 C2B6; # pilcrow sign
|
||||
B7 C2B7; # ·
|
||||
B8 D191; # small yo
|
||||
B9 E28496; # numero sign
|
||||
BA D194; # small Ukrainian ye
|
||||
BB C2BB; # right-pointing double angle quotation mark
|
||||
|
||||
BF D197; # small Ukrainian yi
|
||||
|
||||
C0 D090; # capital A
|
||||
C1 D091; # capital B
|
||||
C2 D092; # capital V
|
||||
C3 D093; # capital G
|
||||
C4 D094; # capital D
|
||||
C5 D095; # capital YE
|
||||
C6 D096; # capital ZH
|
||||
C7 D097; # capital Z
|
||||
C8 D098; # capital I
|
||||
C9 D099; # capital J
|
||||
CA D09A; # capital K
|
||||
CB D09B; # capital L
|
||||
CC D09C; # capital M
|
||||
CD D09D; # capital N
|
||||
CE D09E; # capital O
|
||||
CF D09F; # capital P
|
||||
|
||||
D0 D0A0; # capital R
|
||||
D1 D0A1; # capital S
|
||||
D2 D0A2; # capital T
|
||||
D3 D0A3; # capital U
|
||||
D4 D0A4; # capital F
|
||||
D5 D0A5; # capital KH
|
||||
D6 D0A6; # capital TS
|
||||
D7 D0A7; # capital CH
|
||||
D8 D0A8; # capital SH
|
||||
D9 D0A9; # capital SHCH
|
||||
DA D0AA; # capital hard sign
|
||||
DB D0AB; # capital Y
|
||||
DC D0AC; # capital soft sign
|
||||
DD D0AD; # capital E
|
||||
DE D0AE; # capital YU
|
||||
DF D0AF; # capital YA
|
||||
|
||||
E0 D0B0; # small a
|
||||
E1 D0B1; # small b
|
||||
E2 D0B2; # small v
|
||||
E3 D0B3; # small g
|
||||
E4 D0B4; # small d
|
||||
E5 D0B5; # small ye
|
||||
E6 D0B6; # small zh
|
||||
E7 D0B7; # small z
|
||||
E8 D0B8; # small i
|
||||
E9 D0B9; # small j
|
||||
EA D0BA; # small k
|
||||
EB D0BB; # small l
|
||||
EC D0BC; # small m
|
||||
ED D0BD; # small n
|
||||
EE D0BE; # small o
|
||||
EF D0BF; # small p
|
||||
|
||||
F0 D180; # small r
|
||||
F1 D181; # small s
|
||||
F2 D182; # small t
|
||||
F3 D183; # small u
|
||||
F4 D184; # small f
|
||||
F5 D185; # small kh
|
||||
F6 D186; # small ts
|
||||
F7 D187; # small ch
|
||||
F8 D188; # small sh
|
||||
F9 D189; # small shch
|
||||
FA D18A; # small hard sign
|
||||
FB D18B; # small y
|
||||
FC D18C; # small soft sign
|
||||
FD D18D; # small e
|
||||
FE D18E; # small yu
|
||||
FF D18F; # small ya
|
||||
}
|
@ -0,0 +1,14 @@
|
||||
[Nginx HTTP]
|
||||
title=Web Server (Nginx, HTTP)
|
||||
description=Small, but very powerful and efficient web server
|
||||
ports=80/tcp
|
||||
|
||||
[Nginx HTTPS]
|
||||
title=Web Server (Nginx, HTTPS)
|
||||
description=Small, but very powerful and efficient web server
|
||||
ports=443/tcp
|
||||
|
||||
[Nginx Full]
|
||||
title=Web Server (Nginx, HTTP + HTTPS)
|
||||
description=Small, but very powerful and efficient web server
|
||||
ports=80,443/tcp
|
@ -0,0 +1,29 @@
|
||||
# Stop dance for nginx
|
||||
# =======================
|
||||
#
|
||||
# ExecStop sends SIGSTOP (graceful stop) to the nginx process.
|
||||
# If, after 5s (--retry QUIT/5) nginx is still running, systemd takes control
|
||||
# and sends SIGTERM (fast shutdown) to the main process.
|
||||
# After another 5s (TimeoutStopSec=5), and if nginx is alive, systemd sends
|
||||
# SIGKILL to all the remaining processes in the process group (KillMode=mixed).
|
||||
#
|
||||
# nginx signals reference doc:
|
||||
# http://nginx.org/en/docs/control.html
|
||||
#
|
||||
[Unit]
|
||||
Description=A high performance web server and a reverse proxy server
|
||||
Documentation=man:nginx(8)
|
||||
After=network.target nss-lookup.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/run/nginx.pid
|
||||
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
|
||||
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
|
||||
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
|
||||
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid
|
||||
TimeoutStopSec=5
|
||||
KillMode=mixed
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user