chrone: sperate client and server to different repos.

2026-02-18 22:00:31 +00:00 · 2021-09-21 17:13:53 +02:00
parent e011b2a82b
commit 18df5530c7
10015 changed files with 17686 additions and 97524 deletions
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@@ -1,23 +0,0 @@
-FROM nginx:1.11
-
-RUN mkdir /etc/nginx/sites-available && rm /etc/nginx/conf.d/default.conf
-ADD nginx.conf /etc/nginx/
-
-COPY scripts /root/scripts/
-COPY certs /etc/ssl/
-
-COPY sites /etc/nginx/templates
-
-ARG WEB_REVERSE_PROXY_PORT=3000
-ARG WEB_SSL=false
-ARG SELF_SIGNED=false
-ARG NO_DEFAULT=false
-
-ENV WEB_REVERSE_PROXY_PORT=$WEB_REVERSE_PROXY_PORT
-ENV WEB_SSL=$WEB_SSL
-ENV SELF_SIGNED=$SELF_SIGNED
-ENV NO_DEFAULT=$NO_DEFAULT
-
-RUN /bin/bash /root/scripts/build-nginx.sh
-
-CMD nginx
--- a/docker/nginx/certs/.gitkeep
+++ b/docker/nginx/certs/.gitkeep
--- a/docker/nginx/nginx.conf
+++ b/docker/nginx/nginx.conf
@@ -1,33 +0,0 @@
-user www-data;
-worker_processes auto;
-pid /run/nginx.pid;
-daemon off;
-
-events {
-  worker_connections  2048;
-  use epoll;
-}
-
-http {
-  server_tokens off;
-  sendfile on;
-  tcp_nopush on;
-  tcp_nodelay on;
-  keepalive_timeout 15;
-  types_hash_max_size 2048;
-  client_max_body_size 20M;
-  open_file_cache max=100;
-  gzip on;
-  gzip_disable "msie6";
-
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
-
-  include /etc/nginx/mime.types;
-  default_type application/octet-stream;
-
-  include /etc/nginx/conf.d/*.conf;
-  include /etc/nginx/sites-available/*;
-  access_log /var/log/nginx/access.log;
-  error_log /var/log/nginx/error.log;
-}
--- a/docker/nginx/scripts/build-nginx.sh
+++ b/docker/nginx/scripts/build-nginx.sh
@@ -1,20 +0,0 @@
-#!/bin/bash
-
-for conf in /etc/nginx/templates/*.conf; do
-    mv $conf "/etc/nginx/sites-available/"$(basename $conf) > /dev/null
-done
-
-for template in /etc/nginx/templates/*.template; do
-    envsubst < $template > "/etc/nginx/sites-available/"$(basename $template)".conf"
-done
-
-if [[ "$NO_DEFAULT" = true ]]; then
-    rm /etc/nginx/sites-available/node.template.conf
-    rm /etc/nginx/sites-available/node-https.template.conf
-else
-    if [[ "$WEB_SSL" = false ]]; then
-        rm /etc/nginx/sites-available/node-https.template.conf
-    fi
-fi
-
-. /root/scripts/run-openssl.sh
--- a/docker/nginx/scripts/run-openssl.sh
+++ b/docker/nginx/scripts/run-openssl.sh
@@ -1,31 +0,0 @@
-#!/bin/bash
-
-if [[ "$WEB_SSL" = true && "$NO_DEFAULT" = false ]]; then
-    if [[ "$SELF_SIGNED" = true ]]; then
-        echo "---------------------------------------------------------"
-        echo "APACHE: Generating certificates"
-        echo "---------------------------------------------------------"
-        openssl req \
-            -new \
-            -newkey rsa:4096 \
-            -days 1095 \
-            -nodes \
-            -x509 \
-            -subj "/C=FK/ST=Fake/L=Fake/O=Fake/CN=0.0.0.0" \
-            -keyout /etc/ssl/privkey1.pem \
-            -out /etc/ssl/cert1.pem
-        chown www-data:www-data /etc/ssl/cert1.pem
-        chown www-data:www-data /etc/ssl/privkey1.pem
-    else
-        echo "---------------------------------------------------------"
-        echo "APACHE: Using certificates in 'nodock/apache/certs/'"
-        echo "---------------------------------------------------------"
-        if [ -e /var/certs/cert1.pem ]; then
-            cp /var/certs/cert1.pem /etc/ssl/cert1.pem
-        fi
-        if [ -e /var/certs/privkey1.pem ]; then
-            cp /var/certs/privkey1.pem /etc/ssl/privkey1.pem
-        fi
-    fi
-fi
-
--- a/docker/nginx/sites/node-https.template
+++ b/docker/nginx/sites/node-https.template
@@ -1,13 +0,0 @@
-# environment variables
-# WEB_REVERSE_PROXY_PORT ${WEB_REVERSE_PROXY_PORT}
-server {
-    listen 443 default_server http2;
-
-    ssl on;
-    ssl_certificate /etc/ssl/cert1.pem;
-    ssl_certificate_key /etc/ssl/privkey1.pem;
-
-    location / {
-      proxy_pass http://node:${WEB_REVERSE_PROXY_PORT};
-    }
-}
--- a/docker/nginx/sites/node.template
+++ b/docker/nginx/sites/node.template
@@ -1,32 +0,0 @@
-# environment variables
-# WEB_REVERSE_PROXY_PORT ${WEB_REVERSE_PROXY_PORT}
-server {
-  listen 80 default_server;
-
-  listen [::]:80 default_server;
-
-  # SSL configuration
-  #
-  # listen 443 ssl default_server;
-  # listen [::]:443 ssl default_server;
-  #
-  # Note: You should disable gzip for SSL traffic.
-  # See: https://bugs.debian.org/773332
-  #
-  # Read up on ssl_ciphers to ensure a secure configuration.
-  # See: https://bugs.debian.org/765782
-  #
-  # Self signed certs generated by the ssl-cert package
-  # Don't use them in a production server!
-  #
-  # include snippets/snakeoil.conf;
-
-  root /var/www/moosher;
-
-  # Add index.php to the list if you are using PHP
-  index index.html index.htm index.nginx-debian.html;
-
-  location /api { 
-      proxy_pass http://node:${WEB_REVERSE_PROXY_PORT};
-  }
-}