casjaysdevdocker/stikked
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/stikked synced 2025-09-19 15:57:39 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

🗃️ Committing everything that changed 🗃️

Browse Source 
Dockerfile
.env.scripts
rootfs/root/docker/setup/03-files.sh
rootfs/root/docker/setup/05-custom.sh
rootfs/tmp/etc/nginx/fastcgi_params
rootfs/tmp/etc/nginx/mime.types
rootfs/tmp/etc/nginx/nginx.conf
rootfs/tmp/etc/nginx/nginx.ssl.conf
rootfs/tmp/etc/nginx/scgi_params
rootfs/tmp/etc/nginx/uwsgi_params
rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample
rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample
This commit is contained in:
casjay
2024-11-19 12:41:15 -05:00
parent 809c25e37d
commit 32f5ae5d5e
12 changed files with 21 additions and 397 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
rootfs/root/docker/setup/03-files.sh
View File

@@ -27,7 +27,6 @@ exitCode=0
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Predifined actions
rm -Rf /etc/php*/php-fpm*
if [ -d "/tmp/bin" ]; then
echo "Installing /tmp/bin to /usr/local/bin"
chmod -Rf +x "/tmp/bin"

1
rootfs/root/docker/setup/05-custom.sh
View File

@@ -30,6 +30,7 @@ WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/httpd/default}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Main script
[ -d "/etc/stikked" ] || mkdir -p "/etc/stikked"
[ -d "$WWW_ROOT_DIR" ] || mkdir -p "$WWW_ROOT_DIR"
git clone https://github.com/casjaydns/casjay.cc /tmp/stikked
cp -Rf "/tmp/stikked/htdocs/." "$WWW_ROOT_DIR/"

26
rootfs/tmp/etc/nginx/fastcgi_params
View File

@@ -1,26 +0,0 @@
# Params for fastcgi
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

99
rootfs/tmp/etc/nginx/mime.types
View File

@@ -1,99 +0,0 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

88
rootfs/tmp/etc/nginx/nginx.conf
View File

@@ -1,88 +0,0 @@
# Default nginx configuration docker containers
user REPLACE_WWW_USER;
worker_processes auto;
daemon on;
error_log REPLACE_LOG_DIR/nginx.log warn;
pid REPLACE_RUN_DIR/nginx.pid;
events { worker_connections 1024; }
http {
include REPLACE_ETC_DIR/mime.types;
default_type "text/html";
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
access_log REPLACE_LOG_DIR/access.log combined;
server {
listen 0.0.0.0:80 default_server;
server_name REPLACE_SERVER_NAME;
client_max_body_size 0;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
root /var/lib/nginx/html;
location /health {
default_type text/plain;
return 200 'ok';
access_log off;
log_not_found on;
}
location /health/text {
default_type text/plain;
return 200 'ok';
access_log off;
log_not_found on;
}
location /health/json {
default_type application/json;
return 200 '{"status":"ok","message":"running"}';
access_log off;
log_not_found on;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;
}
location / {
root REPLACE_SERVER_WWW_DIR;
access_log on;
log_not_found on;
}
}
}

89
rootfs/tmp/etc/nginx/nginx.ssl.conf
View File

@@ -1,89 +0,0 @@
# nginx configuration for proxying
user REPLACE_WWW_USER;
worker_processes auto;
daemon on;
error_log REPLACE_LOG_DIR/nginx.log warn;
pid REPLACE_RUN_DIR/nginx.pid;
events { worker_connections 1024; }
http {
include REPLACE_ETC_DIR/mime.types;
default_type "text/html";
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
access_log REPLACE_LOG_DIR/access.log main;
server {
listen 0.0.0.0:80 default_server;
server_name REPLACE_SERVER_NAME;
client_max_body_size 0;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
root /var/lib/nginx/html;
location /health {
default_type text/plain;
return 200 'ok';
}
location /health/text {
default_type text/plain;
return 200 'ok';
}
location /health/json {
default_type application/json;
return 200 '{"status":"ok","message":"running"}';
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) { return 404; }
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:8000/;
}
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /etc/nginx/vhosts.d/*.conf;
}

17
rootfs/tmp/etc/nginx/scgi_params
View File

@@ -1,17 +0,0 @@
# Params for scgi
scgi_param REQUEST_METHOD $request_method;
scgi_param REQUEST_URI $request_uri;
scgi_param QUERY_STRING $query_string;
scgi_param CONTENT_TYPE $content_type;
scgi_param DOCUMENT_URI $document_uri;
scgi_param DOCUMENT_ROOT $document_root;
scgi_param SCGI 1;
scgi_param SERVER_PROTOCOL $server_protocol;
scgi_param REQUEST_SCHEME $scheme;
scgi_param HTTPS $https if_not_empty;
scgi_param REMOTE_ADDR $remote_addr;
scgi_param REMOTE_PORT $remote_port;
scgi_param SERVER_PORT $server_port;
scgi_param SERVER_NAME $server_name;

17
rootfs/tmp/etc/nginx/uwsgi_params
View File

@@ -1,17 +0,0 @@
# Params for uwsgi
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;

13
rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample
View File

@@ -1,13 +0,0 @@
server {
listen REPLACE_SERVER_PORT default_server;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_WWW_DIR;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
}

18
rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample
View File

@@ -1,18 +0,0 @@
server {
listen ssl http2 REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_WWW_DIR;
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_certificate REPLACE_SSL_DIR/localhost.crt;
ssl_certificate_key REPLACE_SSL_DIR/localhost.key;
}