linuxserver/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2025-10-28 11:37:43 +09:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Comment out QUIC listeners and update readme

Browse Source
This commit is contained in:
thespad
2025-07-18 20:26:10 +01:00
parent 56ff1d5e19
commit 2d6a54a526
3 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -142,6 +142,12 @@ This will *ask* Google et al not to index and list your site. Be careful with th
* Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not. * Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not.
* You can check the new sample and adjust your active config as needed. * You can check the new sample and adjust your active config as needed.
### QUIC support
This image supports QUIC (also known as HTTP/3) but it must be explicitly enabled in each proxy conf, and the default conf, because if the listener is enabled and you don't expose 443/UDP, it can break connections with some browsers.
To enable QUIC, expose 443/UDP to your clients, then uncomment both QUIC listeners in all of your active proxy confs, as well as the default conf, and restart the container.
### Migration from the old `linuxserver/letsencrypt` image ### Migration from the old `linuxserver/letsencrypt` image
Please follow the instructions [on this blog post](https://www.linuxserver.io/blog/2020-08-21-introducing-swag#migrate). Please follow the instructions [on this blog post](https://www.linuxserver.io/blog/2020-08-21-introducing-swag#migrate).
@@ -194,6 +200,7 @@ services:
ports: ports:
- 443:443 - 443:443
- 80:80 #optional - 80:80 #optional
- 443/udp:443/udp #optional
restart: unless-stopped restart: unless-stopped
``` ```
@@ -221,6 +228,7 @@ docker run -d \
-e SWAG_AUTORELOAD_WATCHLIST= `#optional` \ -e SWAG_AUTORELOAD_WATCHLIST= `#optional` \
-p 443:443 \ -p 443:443 \
-p 80:80 `#optional` \ -p 80:80 `#optional` \
-p 443/udp:443/udp `#optional` \
-v /path/to/swag/config:/config \ -v /path/to/swag/config:/config \
--restart unless-stopped \ --restart unless-stopped \
lscr.io/linuxserver/swag:latest lscr.io/linuxserver/swag:latest
@@ -234,6 +242,7 @@ Containers are configured using parameters passed at runtime (such as those abov
| :----: | --- | | :----: | --- |
| `-p 443:443` | HTTPS port | | `-p 443:443` | HTTPS port |
| `-p 80` | HTTP port (required for HTTP validation and HTTP -> HTTPS redirect) | | `-p 80` | HTTP port (required for HTTP validation and HTTP -> HTTPS redirect) |
| `-p 443/udp` | QUIC (HTTP/3) port. Must be enabled in the default and proxy confs. |
| `-e PUID=1000` | for UserID - see below for explanation | | `-e PUID=1000` | for UserID - see below for explanation |
| `-e PGID=1000` | for GroupID - see below for explanation | | `-e PGID=1000` | for GroupID - see below for explanation |
| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). | | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |

9
readme-vars.yml
View File

@@ -44,6 +44,7 @@ opt_param_env_vars:
opt_param_usage_include_ports: true opt_param_usage_include_ports: true
opt_param_ports: opt_param_ports:
- {external_port: "80", internal_port: "80", port_desc: "HTTP port (required for HTTP validation and HTTP -> HTTPS redirect)"} - {external_port: "80", internal_port: "80", port_desc: "HTTP port (required for HTTP validation and HTTP -> HTTPS redirect)"}
- {external_port: "443/udp", internal_port: "443/udp", port_desc: "QUIC (HTTP/3) port. Must be enabled in the default and proxy confs."}
readonly_supported: true readonly_supported: true
readonly_message: | readonly_message: |
* `/tmp` must be mounted to tmpfs * `/tmp` must be mounted to tmpfs
@@ -138,6 +139,12 @@ app_setup_block: |
* Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not. * Proxy sample files WILL be updated, however your renamed (enabled) proxy files will not.
* You can check the new sample and adjust your active config as needed. * You can check the new sample and adjust your active config as needed.
### QUIC support
This image supports QUIC (also known as HTTP/3) but it must be explicitly enabled in each proxy conf, and the default conf, because if the listener is enabled and you don't expose 443/UDP, it can break connections with some browsers.
To enable QUIC, expose 443/UDP to your clients, then uncomment both QUIC listeners in all of your active proxy confs, as well as the default conf, and restart the container.
### Migration from the old `linuxserver/letsencrypt` image ### Migration from the old `linuxserver/letsencrypt` image
Please follow the instructions [on this blog post](https://www.linuxserver.io/blog/2020-08-21-introducing-swag#migrate). Please follow the instructions [on this blog post](https://www.linuxserver.io/blog/2020-08-21-introducing-swag#migrate).
@@ -207,7 +214,7 @@ init_diagram: |
"swag:latest" <- Base Images "swag:latest" <- Base Images
# changelog # changelog
changelogs: changelogs:
- {date: "09.07.25:", desc: "Rebase to Alpine 3.22 with PHP 8.4. Add QUIC support. Drop PHP bindings for mcrypt as it is no longer maintained."} - {date: "18.07.25:", desc: "Rebase to Alpine 3.22 with PHP 8.4. Add QUIC support. Drop PHP bindings for mcrypt as it is no longer maintained."}
- {date: "05.05.25:", desc: "Disable Certbot's built in log rotation."} - {date: "05.05.25:", desc: "Disable Certbot's built in log rotation."}
- {date: "19.01.25:", desc: "Add [Auto Reload](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload) functionality to SWAG."} - {date: "19.01.25:", desc: "Add [Auto Reload](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload) functionality to SWAG."}
- {date: "17.12.24:", desc: "Rebase to Alpine 3.21."} - {date: "17.12.24:", desc: "Rebase to Alpine 3.21."}

6
root/defaults/nginx/site-confs/default.conf.sample
View File

@@ -1,4 +1,4 @@
## Version 2025/07/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample ## Version 2025/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
# redirect all traffic to https # redirect all traffic to https
server { server {
@@ -13,9 +13,9 @@ server {
# main server block # main server block
server { server {
listen 443 ssl default_server; listen 443 ssl default_server;
# listen 443 quic reuseport default_server;
listen [::]:443 ssl default_server; listen [::]:443 ssl default_server;
listen 443 quic reuseport default_server; # listen [::]:443 quic reuseport default_server;
listen [::]:443 quic reuseport default_server;
server_name _; server_name _;