Use template mechanism of nginx image
diff --git a/docker-compose.yml b/docker-compose.yml
index c87ce6a..1396bd1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,9 +18,9 @@
volumes:
- ./certbot/www/:/var/www/certbot/:ro
- ./certs/:/etc/nginx/certs/:rw
- - ./nginx/sa.conf:/etc/nginx/conf.d/default.conf.template:ro
- - ./nginx/id.sa.conf:/etc/nginx/conf.d/id.sa.conf.template:ro
- - ./nginx/review.sa.conf:/etc/nginx/conf.d/review.sa.conf.template:ro
+ - ./nginx/sa.conf:/etc/nginx/templates/default.conf.template:ro
+ - ./nginx/id.sa.conf:/etc/nginx/templates/id.sa.conf.template:ro
+ - ./nginx/review.sa.conf:/etc/nginx/templates/review.sa.conf.template:ro
- ./logs/nginx:/var/log/nginx/:rw
postgres:
build:
diff --git a/nginx/Dockerfile.entrypoint b/nginx/Dockerfile.entrypoint
index 34e10f1..2af13cb 100644
--- a/nginx/Dockerfile.entrypoint
+++ b/nginx/Dockerfile.entrypoint
@@ -14,11 +14,7 @@
cp /etc/ssl/certs/sa-selfsigned.crt ${live}/${domain}/cert.pem
fi
- for f in /etc/nginx/conf.d/sa.conf; do
- sed "s/miau.local/${domain}/" ${f}.template >${f}
- done
+ chmod -R go-w /etc/nginx/certs/live/
}
-chmod -R a-w /etc/nginx/certs/ /etc/nginx/conf.d/sa.conf
-
exec /docker-entrypoint.sh "$@"
diff --git a/nginx/id.sa.conf b/nginx/id.sa.conf
index 9dbac41..b64cc7d 100644
--- a/nginx/id.sa.conf
+++ b/nginx/id.sa.conf
@@ -2,7 +2,7 @@
listen 443 ssl;
listen [::]:443 ssl;
- server_name id.miau.local;
+ server_name id.${SA_PUBLIC_DOMAIN_NAME};
location /auth/ { # Gerrit adds this prefix for Keycloak...
rewrite ^/auth(.*)$ $1 last;
diff --git a/nginx/review.sa.conf b/nginx/review.sa.conf
index b5c826d..f25213c 100644
--- a/nginx/review.sa.conf
+++ b/nginx/review.sa.conf
@@ -4,7 +4,7 @@
listen 443 ssl;
listen [::]:443 ssl;
- server_name review.miau.local;
+ server_name review.${SA_PUBLIC_DOMAIN_NAME};
location / {
proxy_pass http://gerrit:8080;
diff --git a/nginx/sa.conf b/nginx/sa.conf
index f0cb923..56262ae 100644
--- a/nginx/sa.conf
+++ b/nginx/sa.conf
@@ -14,8 +14,8 @@
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
- ssl_certificate /etc/nginx/certs/live/miau.local/fullchain.pem;
- ssl_certificate_key /etc/nginx/certs/live/miau.local/privkey.pem;
+ ssl_certificate /etc/nginx/certs/live/${SA_PUBLIC_DOMAIN_NAME}/fullchain.pem;
+ ssl_certificate_key /etc/nginx/certs/live/${SA_PUBLIC_DOMAIN_NAME}/privkey.pem;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
#ssl_dhparam /etc/nginx/dhparam.pem;
diff --git a/php-fpm/phpinfo.php b/php-fpm/phpinfo.php
new file mode 100644
index 0000000..61ace19
--- /dev/null
+++ b/php-fpm/phpinfo.php
@@ -0,0 +1,2 @@
+<?php
+phpinfo();