Use standard nginx.conf from lsio alpine nginx base image

2025-10-26 18:53:40 +09:00 · 2021-10-14 16:03:42 -05:00
parent c02488e09b
commit 10c254db2c
10 changed files with 174 additions and 255 deletions
--- a/52
+++ b/52
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
 # set version label
 ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
- echo "**** install runtime packages ****" && \
+  echo "**** install runtime packages ****" && \
- apk add --no-cache --upgrade \
+  apk add --no-cache --upgrade \
-	curl \
+    curl \
-	php7-ctype \
+    php8-ctype \
-	php7-curl \
+    php8-curl \
-	php7-pdo_pgsql \
+    php8-pdo_pgsql \
-	php7-pdo_sqlite \
+    php8-pdo_sqlite \
-	php7-pdo_mysql \
+    php8-pdo_mysql \
-	php7-tokenizer \
+    php8-tokenizer \
-	php7-zip && \
+    php8-zip \
- echo "**** install heimdall ****" && \
+    tar && \
- mkdir -p \
+  echo "**** install heimdall ****" && \
-	/heimdall && \
+  mkdir -p \
- if [ -z ${HEIMDALL_RELEASE+x} ]; then \
+    /heimdall && \
-	HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
+  if [ -z ${HEIMDALL_RELEASE+x} ]; then \
-	| awk '/tag_name/{print $4;exit}' FS='[""]'); \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
- fi && \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
- curl -o \
+  fi && \
- /heimdall/heimdall.tar.gz -L \
+  curl -o \
-	"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
+    /heimdall/heimdall.tar.gz -L \
- echo "**** cleanup ****" && \
+    "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
- rm -rf \
+  echo "**** cleanup ****" && \
-	/tmp/*
+  rm -rf \
    /tmp/*
 # add local files
 COPY root/ /
 # ports and volumes
 EXPOSE 80 443
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
 # set version label
 ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
- echo "**** install runtime packages ****" && \
+  echo "**** install runtime packages ****" && \
- apk add --no-cache --upgrade \
+  apk add --no-cache --upgrade \
-	curl \
+    curl \
-	php7-ctype \
+    php8-ctype \
-	php7-curl \
+    php8-curl \
-	php7-pdo_pgsql \
+    php8-pdo_pgsql \
-	php7-pdo_sqlite \
+    php8-pdo_sqlite \
-	php7-pdo_mysql \
+    php8-pdo_mysql \
-	php7-tokenizer \
+    php8-tokenizer \
-	php7-zip && \
+    php8-zip \
- echo "**** install heimdall ****" && \
+    tar && \
- mkdir -p \
+  echo "**** install heimdall ****" && \
-	/heimdall && \
+  mkdir -p \
- if [ -z ${HEIMDALL_RELEASE+x} ]; then \
+    /heimdall && \
-	HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
+  if [ -z ${HEIMDALL_RELEASE+x} ]; then \
-	| awk '/tag_name/{print $4;exit}' FS='[""]'); \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
- fi && \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
- curl -o \
+  fi && \
- /heimdall/heimdall.tar.gz -L \
+  curl -o \
-	"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
+    /heimdall/heimdall.tar.gz -L \
- echo "**** cleanup ****" && \
+    "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
- rm -rf \
+  echo "**** cleanup ****" && \
-	/tmp/*
+  rm -rf \
    /tmp/*
 # add local files
 COPY root/ /
 # ports and volumes
 EXPOSE 80 443
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
 # set version label
 ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
- echo "**** install runtime packages ****" && \
+  echo "**** install runtime packages ****" && \
- apk add --no-cache --upgrade \
+  apk add --no-cache --upgrade \
-	curl \
+    curl \
-	php7-ctype \
+    php8-ctype \
-	php7-curl \
+    php8-curl \
-	php7-pdo_pgsql \
+    php8-pdo_pgsql \
-	php7-pdo_sqlite \
+    php8-pdo_sqlite \
-	php7-pdo_mysql \
+    php8-pdo_mysql \
-	php7-tokenizer \
+    php8-tokenizer \
-	php7-zip && \
+    php8-zip \
- echo "**** install heimdall ****" && \
+    tar && \
- mkdir -p \
+  echo "**** install heimdall ****" && \
-	/heimdall && \
+  mkdir -p \
- if [ -z ${HEIMDALL_RELEASE+x} ]; then \
+    /heimdall && \
-	HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
+  if [ -z ${HEIMDALL_RELEASE+x} ]; then \
-	| awk '/tag_name/{print $4;exit}' FS='[""]'); \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
- fi && \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
- curl -o \
+  fi && \
- /heimdall/heimdall.tar.gz -L \
+  curl -o \
-	"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
+    /heimdall/heimdall.tar.gz -L \
- echo "**** cleanup ****" && \
+    "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
- rm -rf \
+  echo "**** cleanup ****" && \
-	/tmp/*
+  rm -rf \
    /tmp/*
 # add local files
 COPY root/ /
 # ports and volumes
 EXPOSE 80 443
--- a/README.md
+++ b/README.md
@@ -76,7 +76,7 @@ Access the web gui at http://SERVERIP:PORT
 ### Adding password protection
-This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
+This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default.conf` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
 ## Usage
@@ -240,8 +240,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 ## Versions
 * **20.08.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
 * **13.03.21:** - Make searchproviders.yaml user configurable.
 * **11.03.21:** - Rebase to alpine 3.14.
 * **10.02.21:** - Revert to alpine 3.12 as php 7.4 broke laravel.
 * **10.02.21:** - Rebasing to alpine 3.13.
 * **17.08.20:** - Add php7-curl.
@@ -264,5 +264,5 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 * **07.10.18:** - Symlink `.env` rather than copy. It now resides under `/config/www`
 * **30.09.18:** - Multi-arch image. Move `.env` to `/config`.
 * **05.09.18:** - Rebase to alpine linux 3.8.
-* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place
+* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place
 * **12.02.18:** - Initial Release.
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -45,12 +45,12 @@ app_setup_block: |
  ### Adding password protection
-  This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
+  This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default.conf` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
 # changelog
 changelogs:
  - { date: "20.08.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
  - { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
  - { date: "11.03.21:", desc: "Rebase to alpine 3.14." }
  - { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." }
  - { date: "10.02.21:", desc: "Rebasing to alpine 3.13." }
  - { date: "17.08.20:", desc: "Add php7-curl." }
@@ -73,5 +73,5 @@ changelogs:
  - { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
  - { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
  - { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
-  - { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place" }
+  - { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
  - { date: "12.02.18:", desc: "Initial Release." }
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -1,43 +0,0 @@
 ## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
 server {
 	listen 80 default_server;
 	listen 443 ssl;
 	root /var/www/localhost/heimdall/public;
 	index index.php index.html index.htm;
 	server_name _;
 	ssl_certificate /config/keys/cert.crt;
 	ssl_certificate_key /config/keys/cert.key;
 	client_max_body_size 0;
        error_page 599 = @noauth;
        location / {
                if (!-f /config/nginx/.htpasswd) {
                        return 599;
                }
                auth_basic "Restricted";
                auth_basic_user_file /config/nginx/.htpasswd;
                try_files $uri $uri/ /index.php?$args;
        }
        location @noauth {
                try_files $uri $uri/ /index.php?$args;
        }
 	location ~ \.php$ {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;
 		# With php5-cgi alone:
 		fastcgi_pass 127.0.0.1:9000;
 		# With php5-fpm:
 		#fastcgi_pass unix:/var/run/php5-fpm.sock;
 		fastcgi_index index.php;
 		include /etc/nginx/fastcgi_params;
 	}
 }
--- a/root/defaults/nginx.conf
+++ b/root/defaults/nginx.conf
@@ -1,98 +0,0 @@
 user abc;
 worker_processes 4;
 pid /run/nginx.pid;
 include /etc/nginx/modules/*.conf;
 events {
 	worker_connections 768;
 	# multi_accept on;
 }
 http {
 	##
 	# Basic Settings
 	##
 	sendfile on;
 	tcp_nopush on;
 	tcp_nodelay on;
 	keepalive_timeout 65;
 	types_hash_max_size 2048;
 	# server_tokens off;
 	# server_names_hash_bucket_size 64;
 	# server_name_in_redirect off;
 	client_max_body_size 0;
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;
 	##
 	# Logging Settings
 	##
 	access_log /config/log/nginx/access.log;
 	error_log /config/log/nginx/error.log;
 	##
 	# Gzip Settings
 	##
 	gzip on;
 	gzip_disable "msie6";
 	# gzip_vary on;
 	# gzip_proxied any;
 	# gzip_comp_level 6;
 	# gzip_buffers 16 8k;
 	# gzip_http_version 1.1;
 	# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
 	##
 	# nginx-naxsi config
 	##
 	# Uncomment it if you installed nginx-naxsi
 	##
 	#include /etc/nginx/naxsi_core.rules;
 	##
 	# nginx-passenger config
 	##
 	# Uncomment it if you installed nginx-passenger
 	##
 	#passenger_root /usr;
 	#passenger_ruby /usr/bin/ruby;
 	##
 	# Virtual Host Configs
 	##
 	include /etc/nginx/conf.d/*.conf;
 	include /config/nginx/site-confs/*;
 }
 #mail {
 #	# See sample authentication script at:
 #	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
 #
 #	# auth_http localhost/auth.php;
 #	# pop3_capabilities "TOP" "USER";
 #	# imap_capabilities "IMAP4rev1" "UIDPLUS";
 #
 #	server {
 #		listen     localhost:110;
 #		protocol   pop3;
 #		proxy      on;
 #	}
 #
 #	server {
 #		listen     localhost:143;
 #		protocol   imap;
 #		proxy      on;
 #	}
 #}
 daemon off;
--- a/root/etc/cont-init.d/50-config
+++ b/root/etc/cont-init.d/50-config
@@ -2,57 +2,65 @@
 # make our folders
 mkdir -p \
-	/config/www/{backgrounds,icons,avatars,SupportedApps} \
+    /config/www/{backgrounds,icons,avatars,SupportedApps} \
-	/var/www/localhost/heimdall \
+    /app/www \
-	/config/log/heimdall
+    /config/log/heimdall
 # install heimdall if necessary
-[[ -f /heimdall/heimdall.tar.gz ]] && \
+if [[ -f /heimdall/heimdall.tar.gz ]]; then
- echo "New container detected, installing Heimdall" && \
+    echo "New container detected, installing Heimdall"
- tar xf \
+    tar xf \
- 	/heimdall/heimdall.tar.gz -C \
+        /heimdall/heimdall.tar.gz -C \
-	/var/www/localhost/heimdall --strip-components=1 && \
+        /app/www --strip-components=1
- echo -e '\n# Heimdall user authorization\nfastcgi_param  PHP_AUTH_USER $remote_user;\nfastcgi_param  PHP_AUTH_PW $http_authorization;' >> \
+    echo -e '\n# Heimdall user authorization\nfastcgi_param  PHP_AUTH_USER $remote_user;\nfastcgi_param  PHP_AUTH_PW $http_authorization;' >> \
-	/etc/nginx/fastcgi_params && \
+        /etc/nginx/fastcgi_params
- rm -rf /heimdall && \
+    rm -rf /heimdall
- cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig && \
+    cp /app/www/storage/app/searchproviders.yaml /app/www/storage/app/searchproviders.yaml.orig
- chown -R abc:abc /var/www/localhost/heimdall
+    chown -R abc:abc /app/www
-
+fi
 # create symlinks
 symlinks=( \
-/var/www/localhost/heimdall/storage/app/public/avatars \
+/app/www/storage/app/public/avatars \
-/var/www/localhost/heimdall/storage/app/public/backgrounds \
+/app/www/storage/app/public/backgrounds \
-/var/www/localhost/heimdall/storage/app/public/icons \
+/app/www/storage/app/public/icons \
-/var/www/localhost/heimdall/app/SupportedApps \
+/app/www/app/SupportedApps \
-/var/www/localhost/heimdall/database/app.sqlite \
+/app/www/database/app.sqlite \
-/var/www/localhost/heimdall/.env )
+/app/www/.env )
 for i in "${symlinks[@]}"
 do
-[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i"
+    if [[ -e "$i" && ! -L "$i" ]]; then
-[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i"
+        rm -rf "$i"
    fi
    if [[ ! -L "$i" ]]; then
        ln -s /config/www/"$(basename "$i")" "$i"
    fi
 done
-[[ -e "/var/www/localhost/heimdall/storage/logs/laravel.log" && ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] \
+if [[ -e "/app/www/storage/logs/laravel.log" && ! -L "/app/www/storage/logs/laravel.log" ]]; then
-	&& rm -rf "/var/www/localhost/heimdall/storage/logs/laravel.log"
+    rm -rf "/app/www/storage/logs/laravel.log"
-[[ ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] && \
+fi
-	ln -s "/config/log/heimdall/laravel.log" "/var/www/localhost/heimdall/storage/logs/laravel.log"
+if [[ ! -L "/app/www/storage/logs/laravel.log" ]]; then
    ln -s "/config/log/heimdall/laravel.log" "/app/www/storage/logs/laravel.log"
 fi
 # copy .env if not exists
-[[ ! -f /config/www/.env ]] && \
+if [[ ! -f /config/www/.env ]]; then
-  cp /var/www/localhost/heimdall/.env.example /config/www/.env && \
+    cp /app/www/.env.example /config/www/.env
-  echo "Creating app key. This may take a while on slower systems" && \
+    echo "Creating app key. This may take a while on slower systems"
-  php /var/www/localhost/heimdall/artisan key:generate
+    php /app/www/artisan key:generate
 fi
 # copy searchproviders if not exists and symlink
-[[ ! -f /config/www/searchproviders.yaml ]] && \
+if [[ ! -f /config/www/searchproviders.yaml ]]; then
-  cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
+    cp /app/www/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
-rm -rf /var/www/localhost/heimdall/storage/app/searchproviders.yaml
+fi
-ln -s /config/www/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml
+rm -rf /app/www/storage/app/searchproviders.yaml
 ln -s /config/www/searchproviders.yaml /app/www/storage/app/searchproviders.yaml
 # set queue driver to database
 sed -i 's/QUEUE_DRIVER=sync/QUEUE_DRIVER=database/' /config/www/.env
 # permissions
 echo "Setting permissions"
 chown -R abc:abc \
-	/config
+    /config
--- a/root/etc/services.d/queue/run
+++ b/root/etc/services.d/queue/run
@@ -1,4 +1,4 @@
 #!/usr/bin/with-contenv bash
 exec \
-       s6-setuidgid abc php /var/www/localhost/heimdall/artisan queue:work database --sleep=3 --tries=3
+    s6-setuidgid abc php /app/www/artisan queue:work database --sleep=3 --tries=3
--- a/root/var/www/localhost/heimdall/public/index.html
+++ b/root/var/www/localhost/heimdall/public/index.html
@@ -0,0 +1,40 @@
 <html>
    <head>
        <title>Upgrade Required!</title>
        <style>
        body{
            font-family: Helvetica, Arial, sans-serif;
        }
        .message{
            width:440px;
            padding:20px 40px;
            margin:0 auto;
            background-color:#f9f9f9;
            border:1px solid #ddd;
            color: #1e3d62;
        }
        center{
            margin:40px 0;
        }
        h1{
            font-size: 18px;
            line-height: 26px;
        }
        p{
            font-size: 12px;
        }
        a{
            color: rgb(207, 48, 139);
        }
        </style>
    </head>
    <body>
        <div class="message">
            <h1>Upgrade Required!</h1>
            <p>The application inside this image has been moved to a new folder.</p>
            <p>You will need to update your <strong>/config/nginx/nginx.conf</strong> and <strong>/config/nginx/site-confs/default.conf</strong> in order for the application to work.</p>
            <p>New config samples are located at <strong>/config/nginx/nginx.conf.sample</strong> and <strong>/config/nginx/site-confs/default.conf.sample</strong></p>
            <p>Please review our announcement: <a target="_blank" href="https://info.linuxserver.io/issues/2022-08-20-nginx-base/">Significant changes to nginx based images</a></p>
        </div>
    </body>
 </html>