Skip to content

Devilbox's Nginx mainline (based on official Nginx Docker) [multi-arch]

License

Notifications You must be signed in to change notification settings

devilbox/docker-nginx-mainline

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Nginx mainline

release Github lint build nightly License

Discord Discourse

Available Architectures: amd64, arm64, 386, arm/v7, arm/v6

This image is based on the official Nginx Docker image and extends it with the ability to have virtual hosts created automatically, as well as adding SSL certificates when creating new directories. For that to work, it integrates two tools that will take care about the whole process: watcherd and vhost-gen.

From a users perspective, you mount your local project directory into the container under /shared/httpd. Any directory then created in your local project directory wil spawn a new virtual host by the same name. Each virtual host optionally supports a generic or custom backend configuration: static files, PHP-FPM, reverse proxy (with or without websocket support)..

HTTP/2 is enabled by default for all SSL connections.

For convenience the entrypoint script during docker run provides a pretty decent validation and documentation about wrong user input and suggests steps to fix it.

Invalid backend string Backend Suggestion Invalid Alias Verified
Web Server Project Reference Implementation
Streamlined Webserver images The Devilbox

Apache 2.2 | Apache 2.4 | Nginx stable | Nginx mainline


๐Ÿ‹ Available Docker tags

latest debian alpine

docker pull devilbox/nginx-mainline

Rolling releases

The following Docker image tags are rolling releases and are built and updated every night.

nightly

Docker Tag Git Ref Available Architectures
latest master amd64, i386, arm64, arm/v7, arm/v6
debian master amd64, i386, arm64, arm/v7, arm/v6
alpine master amd64, i386, arm64, arm/v7, arm/v6

Point in time releases

The following Docker image tags are built once and can be used for reproducible builds. Its version never changes so you will have to update tags in your pipelines from time to time in order to stay up-to-date.

build

Docker Tag Git Ref Available Architectures
<tag> git: <tag> amd64, i386, arm64, arm/v7, arm/v6
<tag>-debian git: <tag> amd64, i386, arm64, arm/v7, arm/v6
<tag>-alpine git: <tag> amd64, i386, arm64, arm/v7, arm/v6

๐Ÿ›ˆ Where <tag> refers to the chosen git tag from this repository.
โš  Warning: The latest available git tag is also build every night and considered a rolling tag.

โœฐ Features

This repository uses official httpd Docker images and adds a lot of features, logic and autmomation op top. This allows you to feature-toggle certain functionality simply by setting environment variables.

Below is a brief overview about most outstanding features, but I would still advice you to read up on available environment variables, as well as the architecture to get the whole picture.

๐Ÿ›ˆ For details see Documentation: Features

Automated mass virtual hosts

  • Virtual hosts are created automatically, simply by creating a new project directory (inside or outside of the container). This allows you to quickly create new projects and work on them in your IDE without the hassle of configuring the web server.

Automated PHP-FPM setup

  • PHP is not included in the provided images, but you can enable a remote backend and link it to a PHP-FPM image. This allows you to easily switch PHP versions and choose one which is currently required.

Automated Reverse Proxy setup

  • In reverse proxy mode, you can choose any http or https backend of your likings. This way you can proxy NodeJS, Python, etc. and use the webserver to add SSL in front. It distinguishes between HTTP backends (http://, https://) and Websocket backends (ws://, wss://) automatically and configures accordingly.

Automated SSL certificate generation

  • SSL certificates are generated automatically for each virtual host if you choose to enable it

Trusted HTTPS in all vhosts

  • Virtual host SSL certificates are signed by an internal Certificate Authority (or one you provide to the image). That makes it possible to set the CA to trusted and all generated vhosts will automatically have trusted SSL.

Customization per virtual host

  • Each virtual host can individually be fully customized via vhost-gen templates.

Local file system permission sync

  • File system permission/ownership of files/dirs inside the running container can be synced with the permission on your host system. This is accomplished by specifying a user- and group-id to the docker run command.

Tested with common Frameworks

  • Wordpress, Drupal, Laravel, CakePHP, PhalconPHP, Magento, Shopware, Typo3, Yii, Zend and many others.

โˆ‘ Environment Variables

The provided Docker images add a lot of injectables in order to customize it to your needs. See the table below for a brief overview.

๐Ÿ›ˆ For details see Documentation: Environment variables

If you don't feel like reading the documentation, simply try out your docker run command and add any environment variables specified below. The validation will tell you what you might have done wrong, how to fix it and what the meaning is.

Verbosity
DEBUG_ENTRYPOINT
DEBUG_RUNTIME
System
NEW_UID
NEW_GID
TIMEZONE
Nginx
WORKER_CONNECTIONS
WORKER_PROCESSES
Main Vhost
MAIN_VHOST_ENABLE
MAIN_VHOST_ALIASES_ALLOW
MAIN_VHOST_ALIASES_DENY
MAIN_VHOST_BACKEND
MAIN_VHOST_BACKEND_TIMEOUT
MAIN_VHOST_DOCROOT_DIR
MAIN_VHOST_TEMPLATE_DIR
MAIN_VHOST_SSL_TYPE

MAIN_VHOST_SSL_CN
MAIN_VHOST_STATUS_ENABLE
MAIN_VHOST_STATUS_ALIAS
Mass Vhost
MASS_VHOST_ENABLE
MASS_VHOST_ALIASES_ALLOW
MASS_VHOST_ALIASES_DENY
MASS_VHOST_BACKEND
MASS_VHOST_BACKEND_TIMEOUT
MASS_VHOST_DOCROOT_DIR
MASS_VHOST_TEMPLATE_DIR
MASS_VHOST_SSL_TYPE

MASS_VHOST_BACKEND_REWRITE
MASS_VHOST_TLD_SUFFIX
All Vhosts
DOCKER_LOGS
HTTP2_ENABLE

๐Ÿ“‚ Volumes

The provided Docker images offer the following internal paths to be mounted to your local file system.

๐Ÿ›ˆ For details see Documentation: Volumes

Data dir Config dir
/var/www/default/
/shared/httpd/
/ca/
/etc/httpd-custom.d/
/etc/vhost-gen.d/

๐Ÿ–ง Exposed Ports

When you plan on using 443 you must enable SSL via environment variables, otherwise nothing will be listening on that port.

Docker Description
80 HTTP listening Port
443 HTTPS listening Port

๐Ÿ’ก Examples

The documentation provides many copy/paste examples about common use-cases including dummy projects.

The given examples distinguish between two different kinds of setup: The default vhost, which only allows to serve a single project and the mass vhost setup, which allows unlimited vhosts that are created automtically. Both types offer the same set of features and are configured in a similar way, so If you find an example in one kind it is easily applyable to the other kind as well.

๐Ÿ›ˆ For details see Documentation: Examples
๐Ÿ›ˆ For details see Docker Compose: Examples

Docker

Default vhost
   ๐Ÿ’ก Serve static files
   ๐Ÿ’ก Serve PHP files
   ๐Ÿ’ก Sync local filestem permission
   ๐Ÿ’ก Serve PHP files over HTTPS
   ๐Ÿ’ก Reverse Proxy NodeJS
   ๐Ÿ’ก Reverse Proxy Websocket
Unlimited vhosts
   ๐Ÿ’ก Custom vhost-gen template
   ๐Ÿ’ก LEMP stack with PHP-FPM and MariaDB
   ๐Ÿ’ก Wordpress setup

Docker Compose

Default vhost
   ๐Ÿ’ก Serve static files
   ๐Ÿ’ก Serve PHP files
   ๐Ÿ’ก Serve PHP files over HTTPS
   ๐Ÿ’ก Reverse Proxy NodeJS
   ๐Ÿ’ก Reverse Proxy Python
Unlimited vhosts
   ๐Ÿ’ก Serve PHP files over HTTPS
   ๐Ÿ’ก Reverse Proxy and PHP-FPM

๐Ÿ‘ท Architecture

The following diagram shows the basic architecture of this docker image.

๐Ÿ›ˆ For details see Documentation: Architecture

       # mass-vhost                                     # main-vhost only
       docker-entrypoint.sh                             docker-entrypoint.sh
                |                                                |
                โ†“                                                โ†“
           supervisord (pid 1)                                 httpd (pid 1)
          /     |
         /      |
       โ†™        โ†“
  start       start
  httpd      watcherd
            /    |    \
           /     |     \
          โ†“      โ†“      โ†˜
        sgn     rm      create-vhost.sh
       httpd   vhost     |           |
                         |           |
                         โ†“           โ†“
                      cert-gen    vhost-gen โญข generate vhost

๐Ÿ–ค Sister Projects

Show some love for the following sister projects.

๐Ÿ–ค Project ๐Ÿฑ GitHub ๐Ÿ‹ DockerHub
Devilbox
docker-php-fpm devilbox/php-fpm
docker-php-fpm-community devilbox/php-fpm-community
docker-mysql devilbox/mysql
docker-apache-2.2
docker-apache-2.4
docker-nginx-stable
docker-nginx-mainline
devilbox/apache-2.2
devilbox/apache-2.4
devilbox/nginx-stable
devilbox/nginx-mainline
docker-bind cytopia/bind

๐Ÿ‘ซ Community

In case you seek help, go and visit the community pages.

devilbox.readthedocs.io discord/devilbox devilbox.discourse.group

๐Ÿง˜ Maintainer

@cytopia

I try to keep up with literally over 100 projects besides a full-time job. If my work is making your life easier, consider contributing. ๐Ÿ–ค

Findme: ๐Ÿฑ cytopia / devilbox | ๐Ÿ‹ cytopia / devilbox | ๐Ÿฆ everythingcli / devilbox | ๐Ÿ“– everythingcli.org

Contrib: PyPI: cytopia ยท Terraform: cytopia ยท Ansible: cytopia

๐Ÿ—Ž License

MIT License

Copyright (c) 2016 cytopia