mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-04 01:13:35 +09:00
Compare commits
13 Commits
2.9.0-ls28
...
2.9.0-ls29
| Author | SHA1 | Date | |
|---|---|---|---|
|
44c6bd721b | ||
|
|
d4a6be8fad | ||
|
a66b478d1d | ||
|
|
9efac76e25 | ||
|
|
23c6384f2c | ||
|
13ede8ea87 | ||
|
a9391d07ee | ||
|
|
a00d272297 | ||
|
|
0207bd8f30 | ||
|
|
3fd209d686 | ||
|
|
87ced3fd3e | ||
|
|
3e342b0529 | ||
|
|
4b4c103df4 |
@@ -104,6 +104,7 @@ RUN \
|
||||
certbot-dns-domeneshop \
|
||||
certbot-dns-dreamhost \
|
||||
certbot-dns-duckdns \
|
||||
certbot-dns-dynudns \
|
||||
certbot-dns-freedns \
|
||||
certbot-dns-gehirn \
|
||||
certbot-dns-glesys \
|
||||
|
||||
@@ -104,6 +104,7 @@ RUN \
|
||||
certbot-dns-domeneshop \
|
||||
certbot-dns-dreamhost \
|
||||
certbot-dns-duckdns \
|
||||
certbot-dns-dynudns \
|
||||
certbot-dns-freedns \
|
||||
certbot-dns-gehirn \
|
||||
certbot-dns-glesys \
|
||||
|
||||
@@ -227,7 +227,7 @@ Containers are configured using parameters passed at runtime (such as those abov
|
||||
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
||||
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
||||
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
||||
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
||||
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
||||
@@ -400,6 +400,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
||||
|
||||
## Versions
|
||||
|
||||
* **14.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38.
|
||||
* **11.03.24:** - Restore support for DynuDNS using `certbot-dns-dynudns`.
|
||||
* **06.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf.
|
||||
* **04.03.24:** - Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`.
|
||||
* **23.01.24:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate.
|
||||
|
||||
@@ -23,8 +23,8 @@ azure-mgmt-core 1.4.0 python
|
||||
azure-mgmt-dns 8.1.0 python
|
||||
bash 5.2.21-r0 apk
|
||||
beautifulsoup4 4.12.3 python
|
||||
boto3 1.34.63 python
|
||||
botocore 1.34.63 python
|
||||
boto3 1.34.69 python
|
||||
botocore 1.34.69 python
|
||||
brotli-libs 1.1.0-r1 apk
|
||||
bs4 0.0.2 python
|
||||
busybox 1.36.1-r15 apk
|
||||
@@ -51,6 +51,7 @@ certbot-dns-do 0.31.0 python
|
||||
certbot-dns-domeneshop 0.2.9 python
|
||||
certbot-dns-dreamhost 1.0 python
|
||||
certbot-dns-duckdns 1.3 python
|
||||
certbot-dns-dynudns 0.0.6 python
|
||||
certbot-dns-freedns 0.1.0 python
|
||||
certbot-dns-gehirn 2.9.0 python
|
||||
certbot-dns-glesys 2.1.0 python
|
||||
@@ -114,9 +115,9 @@ gnupg-keyboxd 2.4.4-r0 apk
|
||||
gnupg-utils 2.4.4-r0 apk
|
||||
gnupg-wks-client 2.4.4-r0 apk
|
||||
gnutls 3.8.3-r0 apk
|
||||
google-api-core 2.17.1 python
|
||||
google-api-python-client 2.122.0 python
|
||||
google-auth 2.28.2 python
|
||||
google-api-core 2.18.0 python
|
||||
google-api-python-client 2.123.0 python
|
||||
google-auth 2.29.0 python
|
||||
google-auth-httplib2 0.2.0 python
|
||||
googleapis-common-protos 1.63.0 python
|
||||
gpg 2.4.4-r0 apk
|
||||
@@ -148,7 +149,7 @@ libcurl 8.5.0-r0 apk
|
||||
libdav1d 1.3.0-r1 apk
|
||||
libedit 20230828.3.1-r3 apk
|
||||
libevent 2.1.12-r7 apk
|
||||
libexpat 2.6.0-r0 apk
|
||||
libexpat 2.6.2-r0 apk
|
||||
libffi 3.4.4-r3 apk
|
||||
libgcc 13.2.1_git20231014-r0 apk
|
||||
libgcrypt 1.10.3-r0 apk
|
||||
@@ -202,7 +203,7 @@ marshmallow 3.21.1 python
|
||||
memcached 1.6.22-r0 apk
|
||||
mock 5.1.0 python
|
||||
mpdecimal 2.5.1-r2 apk
|
||||
msal 1.27.0 python
|
||||
msal 1.28.0 python
|
||||
msal-extensions 1.1.0 python
|
||||
musl 1.2.4_git20230717-r4 apk
|
||||
musl-utils 1.2.4_git20230717-r4 apk
|
||||
@@ -297,6 +298,7 @@ pkb-client 1.2 python
|
||||
popt 1.19-r3 apk
|
||||
portalocker 2.8.2 python
|
||||
procps-ng 4.0.4-r0 apk
|
||||
proto-plus 1.23.0 python
|
||||
protobuf 4.25.3 python
|
||||
publicsuffixlist 0.9.4 python
|
||||
pyOpenSSL 24.1.0 python
|
||||
@@ -330,7 +332,7 @@ soupsieve 2.5 python
|
||||
sqlite-libs 3.44.2-r0 apk
|
||||
ssl_client 1.36.1-r15 apk
|
||||
tiff 4.6.0-r0 apk
|
||||
tldextract 5.1.1 python
|
||||
tldextract 5.1.2 python
|
||||
typing-inspect 0.9.0 python
|
||||
typing_extensions 4.10.0 python
|
||||
tzdata 2024a-r0 apk
|
||||
|
||||
@@ -50,7 +50,7 @@ opt_param_usage_include_env: true
|
||||
opt_param_env_vars:
|
||||
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
||||
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
||||
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
||||
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
||||
@@ -168,6 +168,8 @@ app_setup_block: |
|
||||
|
||||
# changelog
|
||||
changelogs:
|
||||
- { date: "14.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38." }
|
||||
- { date: "11.03.24:", desc: "Restore support for DynuDNS using `certbot-dns-dynudns`." }
|
||||
- { date: "06.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf." }
|
||||
- { date: "04.03.24:", desc: "Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`." }
|
||||
- { date: "23.01.24:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." }
|
||||
|
||||
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
@@ -0,0 +1,3 @@
|
||||
# Instructions: https://github.com/DustyRah/certbot-dns-dynudns
|
||||
# Replace with your API token from your dynudns account.
|
||||
dns_dynu_auth_token = AbCbASsd!@34
|
||||
@@ -1,4 +1,4 @@
|
||||
## Version 2024/03/14 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
||||
## Version 2024/03/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||
@@ -7,14 +7,32 @@
|
||||
# location for authelia subfolder requests
|
||||
location ^~ /authelia {
|
||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_authelia authelia;
|
||||
proxy_pass http://$upstream_authelia:9091;
|
||||
}
|
||||
|
||||
# location for authelia auth requests
|
||||
location ~ /authelia/api/(authz/auth-request|verify) {
|
||||
# location for authelia 4.37 and below auth requests
|
||||
location = /authelia/api/verify {
|
||||
internal;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_authelia authelia;
|
||||
proxy_pass http://$upstream_authelia:9091;
|
||||
|
||||
## Include the Set-Cookie header if present
|
||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||
add_header Set-Cookie $set_cookie;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
}
|
||||
|
||||
# location for authelia 4.38 and above auth requests
|
||||
location = /authelia/api/authz/auth-request {
|
||||
internal;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
# location for authentik subfolder requests
|
||||
location ^~ /outpost.goauthentik.io {
|
||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_authentik authentik-server;
|
||||
|
||||
Reference in New Issue
Block a user