|
@@ -5,7 +5,35 @@ a collection of containers that will provide automatic reverse proxying
|
5
|
5
|
and SSL termination for other docker containers.
|
6
|
6
|
|
7
|
7
|
More details will be added here in due course. For now, the full process
|
8
|
|
-is described in [this blog post](https://www.chameth.com/2016/05/21/docker-automatic-nginx-proxy.html).
|
|
8
|
+is described in [this blog post](https://www.chameth.com/2016/05/21/docker-automatic-nginx-proxy).
|
|
9
|
+
|
|
10
|
+## Adding extra config to Nginx
|
|
11
|
+
|
|
12
|
+Out of the box, the Nginx server will only handle HTTPS requests,
|
|
13
|
+with a very minimal config. The [extra](extra/) directory contains
|
|
14
|
+some additional configuration snippets which may potentially be
|
|
15
|
+useful.
|
|
16
|
+
|
|
17
|
+Once you have the services running, you can copy additional config
|
|
18
|
+using the cp command:
|
|
19
|
+
|
|
20
|
+```
|
|
21
|
+docker cp file.conf autoproxy_nginx:/etc/nginx/conf.d/
|
|
22
|
+```
|
|
23
|
+
|
|
24
|
+The following config files are available in the extra directory:
|
|
25
|
+
|
|
26
|
+ * [hsts.conf](extra/hsts.conf) - enables HTTP Strict Transport Security for
|
|
27
|
+ all HTTPS hosts. HSTS tells browsers that they should only ever request
|
|
28
|
+ pages on that domain over HTTPS.
|
|
29
|
+ * [redirect-http.conf](extra/redirect-http.conf) - adds a default HTTP
|
|
30
|
+ server that redirects all traffic to HTTPS.
|
|
31
|
+ * [security.conf](extra/security.conf) - enables some security best
|
|
32
|
+ practices: stops Nginx reporting its version, and adds headers to
|
|
33
|
+ help mitigate clickjacking, content type hijacking, and XSS.
|
|
34
|
+ * [ssl.conf](extra/ssl.conf) - adds extra SSL configuration options to
|
|
35
|
+ disable old protocols and ciphers, enable stapling, etc. This will prevent
|
|
36
|
+ access from older browsers and operating systems!
|
9
|
37
|
|
10
|
38
|
## Hosting static content
|
11
|
39
|
|
|
@@ -19,7 +47,6 @@ file like so:
|
19
|
47
|
|
20
|
48
|
```yaml
|
21
|
49
|
---
|
22
|
|
-
|
23
|
50
|
version: '2'
|
24
|
51
|
|
25
|
52
|
services:
|