Skip to content

Richardds/docker-nginx

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Nginx for Docker

Customized Docker image for Nginx.

  • TLS 1.3 only
  • Handler for unknown domains
  • Generates self-signed certificate for default server
  • Generates dhparam.pem of size 2048
  • Generates fallback self-signed certificate used by fallback HTTPS server

Example

server {
    listen                  [::]:80 deferred;
    listen                  80 deferred;

    server_name             example.com;

    return 301 https://$host$request_uri;
}

server {
    listen                  [::]:443 ssl http2;
    listen                  443 ssl http2;

    server_name             example.com;
    root                    /srv;

    include                 snippets/tls/enable.conf;
    include                 snippets/tls/ocsp.conf;

    ssl_certificate         ssl/certs/example.com.pem;
    ssl_certificate_key     ssl/keys/example.com.pem;

    location / {
        index               index.html;
        try_files           $uri =404;
    }
}

Snippets

Snippet Description
log_no_favicon.conf Disable logging of /favicon.ico requests
log_no_robots.conf Disable logging of /robots.txt requests

TLS

Snippet Description
enable.conf Enable SSL
ocsp.conf Enable OCSP stapling

Headers

Snippet Description
hsts.conf Forces HTTPS
robots.conf Disallow internet robots to follow and index the page
security.conf Various security headers