aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaweł Dybiec <pdybiec@stud.cs.uni.wroc.pl>2019-12-05 19:31:30 +0100
committerPaweł Dybiec <pdybiec@stud.cs.uni.wroc.pl>2019-12-05 19:31:30 +0100
commit3883d818839ac2340a4434919084e3178064f62c (patch)
tree38b2133708b8e56f72bf8a471bb6d28b0ff530ce
parentRemove monitoring stuff (diff)
Remove blockIps from nginx conf
-rw-r--r--compose/nginx/Dockerfile6
-rw-r--r--compose/nginx/blockIps.conf1
-rw-r--r--compose/nginx/nginx.conf15
3 files changed, 14 insertions, 8 deletions
diff --git a/compose/nginx/Dockerfile b/compose/nginx/Dockerfile
index ea6be25..29edad0 100644
--- a/compose/nginx/Dockerfile
+++ b/compose/nginx/Dockerfile
@@ -1,12 +1,12 @@
FROM nginx:alpine
-RUN rm /etc/nginx/fastcgi.conf \
+RUN rm -rf /etc/nginx/fastcgi.conf \
/etc/nginx/fastcgi_params \
/etc/nginx/scgi_params \
/etc/nginx/uwsgi_params \
/etc/nginx/koi-utf \
/etc/nginx/koi-win \
- /etc/nginx/win-utf
+ /etc/nginx/win-utf \
+ /etc/nginx/conf.d
COPY static-html /usr/share/nginx/html
COPY conf.d /etc/nginx/conf.d
COPY nginx.conf /etc/nginx/
-COPY blockIps.conf /etc/nginx/
diff --git a/compose/nginx/blockIps.conf b/compose/nginx/blockIps.conf
deleted file mode 100644
index d434459..0000000
--- a/compose/nginx/blockIps.conf
+++ /dev/null
@@ -1 +0,0 @@
-deny 154.202.59.137;
diff --git a/compose/nginx/nginx.conf b/compose/nginx/nginx.conf
index 1e21693..7015aaa 100644
--- a/compose/nginx/nginx.conf
+++ b/compose/nginx/nginx.conf
@@ -14,9 +14,9 @@ http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
+ log_format main '[$time_local] $remote_addr - $remote_user "$request" '
+ '$status "$http_referer" '
+ '"$http_user_agent" "$server_name"';
access_log /var/log/nginx/access.log main;
ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem;
@@ -51,8 +51,15 @@ http {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ server {
+ listen 80;
+ allow 127.0.0.1;
+ allow 172.0.0.0/8;
+ deny all;
+ }
include /etc/nginx/conf.d/*.conf;
- include /etc/nginx/blockIps.conf;
error_page 500 501 502 503 504 /50x.html;
+
}
+