Update default

Dockerfile

@@ -1,4 +1,4 @@
-FROM lsiobase/alpine.nginx:3.8
+FROM linuxserver/letsencrypt
 
 # set version label
 ARG BUILD_DATE
@@ -9,8 +9,8 @@ LABEL maintainer="aptalca"
 # environment settings
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 
+# install packages
 RUN \
- echo "**** install runtime pacakges ****" && \
  apk add --no-cache \
 	curl \
 	php7-ctype \
@@ -18,19 +18,18 @@ RUN \
 	php7-tokenizer \
 	tar && \
  echo "**** install heimdall ****" && \
+ HEIM_VER="$(curl -sX GET https://api.github.com/repos/linuxserver/Heimdall/releases/latest | grep 'tag_name' | cut -d\" -f4)" && \
  mkdir -p \
 	/var/www/localhost/heimdall && \
- HEIM_VER=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
-	| awk '/tag_name/{print $4;exit}' FS='[""]') && \
  curl -o \
  /tmp/heimdall.tar.gz -L \
 	"https://github.com/linuxserver/Heimdall/archive/${HEIM_VER}.tar.gz" && \
  tar xf \
  /tmp/heimdall.tar.gz -C \
 	/var/www/localhost/heimdall --strip-components=1 && \
- echo "**** cleanup ****" && \
+ echo "** cleanup **" && \
  rm -rf \
-	/tmp/*
+ /tmp/*
 
 # add local files
 COPY root/ /

README.md

@@ -86,9 +86,5 @@ This image now supports password protection through htpasswd. Run the following
 
 ## Versions
 
-+ **05.09.18:** Rebase to alpine linux 3.8.
-+ **06.03.18:** Use password protection if htpasswd is set. 
-Existing users can delete their default site config at /config/nginx/site-confs/default 
-and restart the container, a new default site config with htpasswd support will be created in its place
-
++ **06.03.18:** Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place
 + **12.02.18:** Initial Release.

root/defaults/default

@@ -1,43 +1,71 @@
-## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
+## Version 2018/03/08 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
 
+# listening on port 80 disabled by default, remove the "#" signs to enable
+# redirect all traffic to https
+#server {
+#	listen 80;
+#	server_name _;
+#	return 301 https://$host$request_uri;
+#}
+
+# main server block
 server {
-	listen 80 default_server;
-
-	listen 443 ssl;
+	listen 443 ssl default_server;
 
 	root /var/www/localhost/heimdall/public;
-	index index.php index.html index.htm;
+	index index.html index.htm index.php;
 
 	server_name _;
 
-	ssl_certificate /config/keys/cert.crt;
-	ssl_certificate_key /config/keys/cert.key;
+	# all ssl related config moved to ssl.conf
+	include /config/nginx/ssl.conf;
 
 	client_max_body_size 0;
-	
-        error_page 599 = @noauth;
 
-        location / {
-                if (!-f /config/nginx/.htpasswd) {
-                        return 599;
-                }
-                auth_basic "Restricted";
-                auth_basic_user_file /config/nginx/.htpasswd;
-                try_files $uri $uri/ /index.php?$args;
-        }
-
-        location @noauth {
-                try_files $uri $uri/ /index.php?$args;
-        }
+	location / {
+		try_files $uri $uri/ /index.php?$args;
+	}
 
 	location ~ \.php$ {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;
-		# With php5-cgi alone:
+		# With php7-cgi alone:
 		fastcgi_pass 127.0.0.1:9000;
-		# With php5-fpm:
-		#fastcgi_pass unix:/var/run/php5-fpm.sock;
+		# With php7-fpm:
+		#fastcgi_pass unix:/var/run/php7-fpm.sock;
 		fastcgi_index index.php;
 		include /etc/nginx/fastcgi_params;
-
 	}
+
+# sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp"
+# notice this is within the same server block as the base
+# don't forget to generate the .htpasswd file as described on docker hub
+#	location ^~ /cp {
+#		auth_basic "Restricted";
+#		auth_basic_user_file /config/nginx/.htpasswd;
+#		include /config/nginx/proxy.conf;
+#		proxy_pass http://192.168.1.50:5050/cp;
+#	}
+
 }
+
+# sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above
+# notice this is a new server block, you need a new server block for each subdomain
+#server {
+#	listen 443 ssl;
+#
+#	root /config/www;
+#	index index.html index.htm index.php;
+#
+#	server_name cp.*;
+#
+#	include /config/nginx/ssl.conf;
+#
+#	client_max_body_size 0;
+#
+#	location / {
+#		auth_basic "Restricted";
+#		auth_basic_user_file /config/nginx/.htpasswd;
+#		include /config/nginx/proxy.conf;
+#		proxy_pass http://192.168.1.50:5050;	
+#	}
+#}

root/etc/cont-init.d/60-config

@@ -1,10 +1,10 @@
 #!/usr/bin/with-contenv bash
 
-# make our folders
+# create folders
 mkdir -p \
-	/config/www/{backgrounds,icons}
+  /config/www/{backgrounds,icons}
 
-# create symlinks
+# symlink user config
 
 symlinks=( \
 /var/www/localhost/heimdall/storage/app/public/backgrounds \