webpanorg/nginx
This is a project that contains the source code for the webpanorg/nginx image. It includes the original Dockerfile for building nginx with additional modules. The Dockerfile includes a build of nginx with support for http3.
Docker compose file
version: '3'
services:
nginx:
container_name: nginx
hostname: nginx
image: webpanorg/nginx:latest
ports:
- "80:80"
- "443:443/tcp"
- "443:443/udp"
volumes:
- /opt/docker/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- /opt/docker/nginx/letsencrypt:/etc/letsencrypt:ro
- /opt/docker/nginx/html:/etc/nginx/html:ro
- /opt/docker/nginx/tmp:/etc/nginx/tmp:ro
restart: always
Nginx config file
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
listen 80;
listen [::]:80;
server_name _;
location /.well-known/acme-challenge/ {
root /etc/nginx/tmp;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
server_name ${your_domain};
client_max_body_size 4G;
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
quic_gso on;
quic_retry on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_certificate /etc/letsencrypt/live/${your_domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${your_domain}/privkey.pem;
add_header Alt-Svc 'h3=":443";max=86400';
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
proxy_set_header Origin https://$host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:8080;
}
}
}
Command for create ssl with certbot
docker run --rm \
-v /opt/docker/nginx/letsencrypt:/etc/letsencrypt \
-v /opt/docker/nginx/tmp:/tmp/letsencrypt \
certbot/certbot \
certonly \
--webroot \
--agree-tos \
--renew-by-default \
--preferred-challenges http-01 \
--email email@example.com \
--webroot-path /tmp/letsencrypt \
-d ${domain}
docker pull webpanorg/nginx