diff options
author | Paweł Dybiec <pdybiec@stud.cs.uni.wroc.pl> | 2019-12-05 19:31:30 +0100 |
---|---|---|
committer | Paweł Dybiec <pdybiec@stud.cs.uni.wroc.pl> | 2019-12-05 19:31:30 +0100 |
commit | 3883d818839ac2340a4434919084e3178064f62c (patch) | |
tree | 38b2133708b8e56f72bf8a471bb6d28b0ff530ce /compose | |
parent | Remove monitoring stuff (diff) |
Remove blockIps from nginx conf
Diffstat (limited to 'compose')
-rw-r--r-- | compose/nginx/Dockerfile | 6 | ||||
-rw-r--r-- | compose/nginx/blockIps.conf | 1 | ||||
-rw-r--r-- | compose/nginx/nginx.conf | 15 |
3 files changed, 14 insertions, 8 deletions
diff --git a/compose/nginx/Dockerfile b/compose/nginx/Dockerfile index ea6be25..29edad0 100644 --- a/compose/nginx/Dockerfile +++ b/compose/nginx/Dockerfile @@ -1,12 +1,12 @@ FROM nginx:alpine -RUN rm /etc/nginx/fastcgi.conf \ +RUN rm -rf /etc/nginx/fastcgi.conf \ /etc/nginx/fastcgi_params \ /etc/nginx/scgi_params \ /etc/nginx/uwsgi_params \ /etc/nginx/koi-utf \ /etc/nginx/koi-win \ - /etc/nginx/win-utf + /etc/nginx/win-utf \ + /etc/nginx/conf.d COPY static-html /usr/share/nginx/html COPY conf.d /etc/nginx/conf.d COPY nginx.conf /etc/nginx/ -COPY blockIps.conf /etc/nginx/ diff --git a/compose/nginx/blockIps.conf b/compose/nginx/blockIps.conf deleted file mode 100644 index d434459..0000000 --- a/compose/nginx/blockIps.conf +++ /dev/null @@ -1 +0,0 @@ -deny 154.202.59.137; diff --git a/compose/nginx/nginx.conf b/compose/nginx/nginx.conf index 1e21693..7015aaa 100644 --- a/compose/nginx/nginx.conf +++ b/compose/nginx/nginx.conf @@ -14,9 +14,9 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; + log_format main '[$time_local] $remote_addr - $remote_user "$request" ' + '$status "$http_referer" ' + '"$http_user_agent" "$server_name"'; access_log /var/log/nginx/access.log main; ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; @@ -51,8 +51,15 @@ http { add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + server { + listen 80; + allow 127.0.0.1; + allow 172.0.0.0/8; + deny all; + } include /etc/nginx/conf.d/*.conf; - include /etc/nginx/blockIps.conf; error_page 500 501 502 503 504 /50x.html; + } + |