GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ wodby β†’ nginx

wodby / nginx

Licence: MIT license
Nginx docker container image

Programming Languages

shell
77523 projects
Dockerfile
14818 projects
Makefile
30231 projects

Labels

dockernginxalpine

Projects that are alternatives of or similar to nginx

Uwsgi Nginx Flask Docker
Docker image with uWSGI and Nginx for Flask applications in Python running in a single container. Optionally with Alpine Linux.
Stars: ✭ 2,607 (+4727.78%)
Mutual labels:  alpine
docker-alpine-texlive
🐳 πŸ“– Minimal TeX Live installation Docker image
Stars: ✭ 33 (-38.89%)
Mutual labels:  alpine
ci
🐳 Dockette dockerized Alpine linux Dockerfiles for PHP 5.6-8.2 + Composer. NodeJS 6-18. Ansible.
Stars: ✭ 18 (-66.67%)
Mutual labels:  alpine
Git Server Docker
Git Server in Docker
Stars: ✭ 218 (+303.7%)
Mutual labels:  alpine
Uvicorn Gunicorn Docker
Docker image with Uvicorn managed by Gunicorn for high-performance web applications in Python 3.6 with performance auto-tuning. Optionally with Alpine Linux.
Stars: ✭ 244 (+351.85%)
Mutual labels:  alpine
ttall
Laravel fronend preset for TTALL stack - Tailwindcss | Turbolinks | Alpine.js | Laravel | Livewire πŸš€
Stars: ✭ 50 (-7.41%)
Mutual labels:  alpine
Docker4php
Docker-based PHP stack
Stars: ✭ 210 (+288.89%)
Mutual labels:  alpine
docker-upsource
Dockerfile for Upsource.
Stars: ✭ 18 (-66.67%)
Mutual labels:  alpine
distrobox
Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
Stars: ✭ 4,371 (+7994.44%)
Mutual labels:  alpine
alpine-erlang-builder
Up to date Alpine image with the latest Erlang version for staged builds.
Stars: ✭ 33 (-38.89%)
Mutual labels:  alpine
Laravel Views
Laravel package to create beautiful common views like data tables using the TALL stack.
Stars: ✭ 221 (+309.26%)
Mutual labels:  alpine
Docker Php
🐳 Docker For PHP developers - Docker images with PHP, Nginx, OpenLiteSpeed, Apache, Lighttpd, and Alpine
Stars: ✭ 236 (+337.04%)
Mutual labels:  alpine
docker-library
Collection of Dockerfiles
Stars: ✭ 20 (-62.96%)
Mutual labels:  alpine
Docker Alpine Python3
The smallest Docker image with Python 3.7 (~57MB)
Stars: ✭ 218 (+303.7%)
Mutual labels:  alpine
docker-alpine-elm
Docker image of pure Alpine with Elm
Stars: ✭ 17 (-68.52%)
Mutual labels:  alpine
Docker Shadowsocks Libev
Build a docker image for shadowsocks-libev with v2ray-plugin, based on Alpine Linux.
Stars: ✭ 208 (+285.19%)
Mutual labels:  alpine
docker-swoole-webapp
Simple Docker-image to build your applications based on Async PHP extensions.
Stars: ✭ 26 (-51.85%)
Mutual labels:  alpine
terragrunt
Auto-trigger docker build for terragrunt when new terraform version released
Stars: ✭ 23 (-57.41%)
Mutual labels:  alpine
akka-http-docker-sample
example of running an Sbt application in Docker based on openjdk:jre-alpine
Stars: ✭ 20 (-62.96%)
Mutual labels:  alpine
gitlab-runner
Gitlab Runner on Alpine Linux [Docker]
Stars: ✭ 17 (-68.52%)
Mutual labels:  alpine
View All Similar Projects βž”

Nginx Docker Container Images

Build Status Docker Pulls Docker Stars

Docker Images

❗For better reliability we release images with stability tags (wodby/nginx:1.21-X.X.X) which correspond to git tags. We strongly recommend using images only with stability tags.

Overview:

Supported tags and respective Dockerfile links:

All images built for linux/amd64 and linux/arm64

Environment Variables

Variable Default Value Description
NGINX_ALLOW_ACCESS_HIDDEN_FILES
NGINX_BACKEND_FAIL_TIMEOUT 0
NGINX_BACKEND_HOST Varies with a preset
NGINX_BACKEND_PORT Varies with a preset
NGINX_BROTLI on
NGINX_BROTLI_STATIC on
NGINX_BROTLI_COMP_LEVEL 1
NGINX_CLIENT_BODY_BUFFER_SIZE 16k
NGINX_CLIENT_BODY_TIMEOUT 60s
NGINX_CLIENT_HEADER_BUFFER_SIZE 4k
NGINX_CLIENT_HEADER_TIMEOUT 60s
NGINX_CLIENT_MAX_BODY_SIZE 32m
NGINX_CONF_INCLUDE conf.d/*.conf
NGINX_DISABLE_CACHING
NGINX_DJANGO_MEDIA_ROOT /var/www/html/media/
NGINX_DJANGO_MEDIA_URL /media/
NGINX_DJANGO_STATIC_ROOT /var/www/html/static/
NGINX_DJANGO_STATIC_URL /static/
NGINX_DRUPAL_ALLOW_XML_ENDPOINTS
NGINX_DRUPAL_FILE_PROXY_URL e.g. http://dev.example.com
NGINX_DRUPAL_FILES_STATIC_EXT_REGEX txt
NGINX_DRUPAL_HIDE_HEADERS
NGINX_DRUPAL_XMLRPC_SERVER_NAME Drupal 7 only
NGINX_DRUPAL_NOT_FOUND_REGEX (see Drupal)
NGINX_WP_NOT_FOUND_REGEX (see Wordpress)
NGINX_ERROR_403_URI
NGINX_ERROR_404_URI
NGINX_ERROR_LOG_LEVEL error
NGINX_ERROR_MESSAGE_50x
NGINX_FASTCGI_BUFFER_SIZE 32k For PHP-based presets only
NGINX_FASTCGI_BUFFERS 16 32k For PHP-based presets only
NGINX_FASTCGI_INDEX index.php For PHP-based presets only
NGINX_FASTCGI_INTERCEPT_ERRORS on For PHP-based presets only
NGINX_FASTCGI_READ_TIMEOUT 900 For PHP-based presets only
NGINX_GZIP_BUFFERS 16 8k
NGINX_GZIP_COMP_LEVEL 1
NGINX_GZIP_DISABLE msie6
NGINX_GZIP_HTTP_VERSION 1.1
NGINX_GZIP_MIN_LENGTH 20
NGINX_GZIP_PROXIED any
NGINX_GZIP_VARY on
NGINX_GZIP on
NGINX_HEADERS_CONTENT_SECURITY_POLICY frame-ancestors: 'none' different for Drupal and WP presets
NGINX_HIDE_50x_ERRORS
NGINX_HTTP2
NGINX_INDEX_FILE Varies with a preset Hard-coded for Drupal and WP
NGINX_KEEPALIVE_REQUESTS 100
NGINX_KEEPALIVE_TIMEOUT 75s
NGINX_LARGE_CLIENT_HEADER_BUFFERS 8 16k
NGINX_LOG_FORMAT_OVERRIDE
NGINX_METRICS_ENABLED off
NGINX_METRICS_FORMAT html html, json, jsonp, prometheus
NGINX_METRICS_ALLOW_FROM
NGINX_MODSECURITY_ENABLED See ModSecurity
NGINX_MODSECURITY_INBOUND_ANOMALY_SCORE_THRESHOLD 7
NGINX_MODSECURITY_OUTBOUND_ANOMALY_SCORE_THRESHOLD 7
NGINX_MODSECURITY_POST_CORE_RULES Location to rules loaded after CRS
NGINX_MODSECURITY_PRE_CORE_RULES Location to rules loaded before CRS
NGINX_MODSECURITY_USE_OWASP_CRS See ModSecurity
NGINX_MULTI_ACCEPT on
NGINX_NO_DEFAULT_HEADERS
NGINX_REAL_IP_HEADER X-Real-IP
NGINX_REAL_IP_RECURSIVE off
NGINX_RESET_TIMEDOUT_CONNECTION off
NGINX_SEND_TIMEOUT 60s
NGINX_SENDFILE on
NGINX_SERVER_EXTRA_CONF_FILEPATH
NGINX_SERVER_NAME default
NGINX_SERVER_ROOT /var/www/html
NGINX_SERVER_TOKENS off
NGINX_SET_REAL_IP_FROM
NGINX_SET_REAL_IPS_FROM json array as string
NGINX_STATIC_404_TRY_INDEX
NGINX_STATIC_ACCESS_LOG off
NGINX_STATIC_EXPIRES 1y
NGINX_STATIC_MP4_BUFFER_SIZE 1M
NGINX_STATIC_MP4_MAX_BUFFER_SIZE 5M
NGINX_STATIC_OPEN_FILE_CACHE_ERRORS on
NGINX_STATIC_OPEN_FILE_CACHE_MIN_USES 2
NGINX_STATIC_OPEN_FILE_CACHE_VALID 30s
NGINX_STATIC_OPEN_FILE_CACHE max=1000 inactive=30s
NGINX_STATIC_EXT_REGEX (see below)
NGINX_STATUS_ALLOW_FROM e.g. 172.18.0.0/16
NGINX_STATUS_ENABLED off
NGINX_TCP_NODELAY on
NGINX_TCP_NOPUSH on
NGINX_TRACK_UPLOADS uploads 60s
NGINX_UNDERSCORES_IN_HEADERS off
NGINX_UPLOAD_PROGRESS uploads 1m
NGINX_USER nginx
NGINX_VHOST_NO_DEFAULTS
NGINX_VHOST_PRESET html
NGINX_WORKER_CONNECTIONS 1024
NGINX_WORKER_PROCESSES auto
NGINX_WP_FILE_PROXY_URL e.g. http://dev.example.com
NGINX_WP_GOOGLE_XML_SITEMAP See WordPress
NGINX_WP_YOAST_XML_SITEMAP See WordPress

Static files extension defined via the regex and can be overridden via the env var NGINX_STATIC_EXT_REGEX, default:

css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt|map|webp

Some environment variables can be overridden or added per preset.

Build arguments

Argument Default value
WODBY_GROUP_ID 1000
WODBY_USER_ID 1000

Nginx modules

Name Version Dynamic
brotli 9aec15e
http_addition
http_auth_request
http_dav
http_flv
http_gunzip
http_gzip_static
http_image_filter βœ“
http_modsecurity See ModSecurity βœ“
http_mp4
http_random_index
http_realip
http_secure_link
http_slice
http_ssl
http_stub_status
http_sub
http_uploadprogress 0.9.1
http_v2
http_xslt βœ“
mail_ssl
stream_realip
stream_ssl
stream_ssl_preread
vts 3c6cf41

ModSecurity

Component Version
ModSecurity Nginx module 1.0.0
ModSecurity Library 3.0.3
OWASP CRS 3.1.0

Compiled as a dynamic module, disabled by default. To enable set $NGINX_MODSECURITY_ENABLED to any value. Additionally, you can enable OWASP Core Rule Set (CRS) by setting $NGINX_MODSECURITY_USE_OWASP_CRS to any value, ️be wary since it may block some requests with the default configuration. See env vars starting with $NGINX_MODSECURITY_ for advanced configuration.

Default behavior

Applied to all presets by default, can be disabled via $NGINX_VHOST_NO_DEFAULTS:

  • /.well-known/ location supported
  • /ads.txt allowed
  • /robots.txt allowed
  • /humans.txt allowed
  • /favicon.ico allowed
  • .flv, .m4a, .mp4, .mov locations supported and handled with appropriate modules
  • /.healthz location supported, requests not shown in access log

Customization

  • Pass real IP from a reverse proxy via $NGINX_SET_REAL_IP_FROM, e.g. 172.17.0.0/16 for docker network
  • Pass multiple real IP from reverse proxies via $NGINX_SET_REAL_IPS_FROM In a docker-compose.yml this can be done like this: 
    environment:
  NGINX_SET_REAL_IPS_FROM: "[\"172.17.0.0/16\", \"192.168.0.10\"]"

environment:
  NGINX_SET_REAL_IPS_FROM: |-
    ["172.17.0.0/16", "192.168.0.10"]
  • Customize the header which value will be used to replace the client address via $NGINX_REAL_IP_HEADER
  • Default recommended headers can be disabled via $NGINX_NO_DEFAULT_HEADERS (defined in nginx.conf)
  • The value for the Content-Security-Policy header can be changed using $NGINX_HEADERS_CONTENT_SECURITY_POLICY, it's default value is frame-ancestors: 'none'. More information on this header can be found here.
  • Error page file can be customized for HTTP errors 403 ($NGINX_ERROR_403_URI) and 404 ($NGINX_ERROR_404_URI)
  • Default error page for HTTP errors 500, 502, 503, 504 can be disabled via $NGINX_HIDE_50x_ERRORS
  • Access to hidden files (starting with .) can be allowed via $NGINX_ALLOW_ACCESS_HIDDEN_FILES
  • Caching can be disabled via $NGINX_DISABLE_CACHING
  • Add extra locations via $NGINX_SERVER_EXTRA_CONF_FILEPATH=/filepath/to/nginx-locations.conf, the file will be included at the end of default rules (server context)
  • Completely override include of the virtual host config by overriding NGINX_CONF_INCLUDE, it will be included in nginx.conf
  • Define custom preset
  • Status page /.statusz can be enabled via $NGINX_STATUS_ENABLED, requests not shown in access log
  • Metrics page /.metricsz can be enabled via $NGINX_METRICS_ENABLED, requests not shown in access log
  • Metrics page format can be customized via $NGINX_METRICS_FORMAT, supports json, html, jsonp and prometheus

Virtual hosts presets

Virtual host preset html will be used by default, you can change it via env var $NGINX_VHOST_PRESET. The list of available presets:

HTML

Overridden default values:

Variable Default Value
NGINX_INDEX_FILE index.html

HTTP proxy (application server)

  • Preset template
  • Usage: add NGINX_VHOST_PRESET=http-proxy and NGINX_BACKEND_HOST=[HOST]

Overridden default values:

Variable Default Value
NGINX_BACKEND_HOST
NGINX_BACKEND_PORT 8080

Django

Same as HTTP proxy but with additional media/static locations for Django.

Overridden default values:

Variable Default Value
NGINX_BACKEND_HOST python
NGINX_BACKEND_PORT 8080

PHP-based (FastCGI)

Overridden default values:

Variable Default Value
NGINX_BACKEND_HOST php
NGINX_BACKEND_PORT 9000

PHP

  • Preset template
  • Usage: add NGINX_VHOST_PRESET=php, optionally modify NGINX_BACKEND_HOST

Overridden default values:

Variable Default Value
NGINX_INDEX_FILE index.php index.html

WordPress

  • Preset template
  • Usage: add NGINX_VHOST_PRESET=wordpress, optionally modify NGINX_BACKEND_HOST
  • Access to *.txt files allowed only if they are located in uploads directory
  • Access to /wp-content/uploads/woocommerce_uploads disallowed
  • Dynamic generated /robots.txt supported
  • Supports /wp-sitemap.xml endpoint
  • Alternative sitemap.xml endpoints:
  • Default value of NGINX_HEADERS_CONTENT_SECURITY_POLICY overridden to frame-ancestors: 'self'

Default value of NGINX_WP_NOT_FOUND_REGEX (backspaces must be escaped) is: .+\\.(?:txt|pot|sh|.*sql?)|(?:composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$

Drupal

  • Preset templates: Drupal 10, Drupal 9, Drupal 8, Drupal 7
  • Usage: add NGINX_VHOST_PRESET= with the value of drupal10, drupal9, drupal8 or drupal7. Optionally modify NGINX_BACKEND_HOST
  • If you want to use stage_file_proxy module, set $NGINX_STATIC_404_TRY_INDEX=1 to redirect 404 static files requests to Drupal
  • Access to .txt (can be overridden via NGINX_DRUPAL_FILES_STATIC_EXT_REGEX) files allowed only if they are located in files directory
  • Access to certs extensions gives 404 based on the value of $NGINX_DRUPAL_NOT_FOUND_REGEX
  • Default value of NGINX_HEADERS_CONTENT_SECURITY_POLICY overridden to frame-ancestors: 'self'

Default value of NGINX_DRUPAL_NOT_FOUND_REGEX (backspaces must be escaped) is taken from Drupal's .htaccess and depends on the Drupal version:

Drupal 10/9/8:

\\.(engine|txt|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\\.php)?|xtmpl|yml|yaml)(~|\\.sw[op]|\\.bak|\\.orig|\\.save)?$|^(\\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$|^#.*#$|\\.php(~|\\.sw[op]|\\.bak|\\.orig|\\.save)$

Drupal 7:

\\.(engine|txt|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\\.php)?|xtmpl|yml|yaml)(~|\\.sw[op]|\\.bak|\\.orig|\\.save)?$|^(\\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$|^#.*#$|\\.php(~|\\.sw[op]|\\.bak|\\.orig\\.save)$

Matomo

Based on https://github.com/matomo-org/matomo-nginx

The default value of NGINX_STATIC_EXT_REGEX overridden:

css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt|map|webp|json|html

Custom preset

You can use a custom by preset by mounting your preset to /etc/gotpl/presets/[my-preset-name].conf.tmpl and setting $NGINX_VHOST_PRESET=[my-preset-name].

No preset

To disable presets set $NGINX_VHOST_PRESET=""

Maintenance

Updates to Nginx and base image automated via wodby/images.

Orchestration actions

Usage:

make COMMAND [params ...]

commands:
    init
    git-checkout [target is_hash]
    check-ready [host max_try wait_seconds delay_seconds]

default params values:
    host localhost
    max_try 1
    wait_seconds 1
    delay_seconds 0
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].