From 78da5e50d0f334e7651dffe581299d46d616faa9 Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Mon, 22 Jun 2020 17:11:07 +0200 Subject: [PATCH 01/11] add more conditional include logic --- .editorconfig | 3 +++ Dockerfile | 4 ++-- sites.tmpl | 16 ++++++++++++++-- 3 files changed, 19 insertions(+), 4 deletions(-) create mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..b545159 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,3 @@ +[**.tmpl] +indent_style = tab +indent_size = 2 diff --git a/Dockerfile b/Dockerfile index 786793d..ab300d0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM nginx:1.14.2 -LABEL maintainer="Kyle McCullough " +LABEL maintainer="Khaliq Gant " -LABEL version="0.2.1" +LABEL version="0.2.2" # Install available package updates, wget, and install/updates certificates RUN apt-get update \ diff --git a/sites.tmpl b/sites.tmpl index df25c93..ff7305b 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -134,8 +134,12 @@ server { listen 443 ssl http2 {{ $default_server }}; access_log /var/log/nginx/access.log vhost; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; + {{ if (exists "/etc/nginx/ssl_protocols_and_ciphers") }} + include /etc/nginx/ssl_protocols_and_ciphers; + {{ else }} + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; + {{ end -}} ssl_prefer_server_ciphers on; ssl_session_timeout 5m; @@ -170,6 +174,14 @@ server { include /etc/nginx/vhost.d/default_location; {{ end -}} } + {{ if (exists "/etc/nginx/additional_location_block_header") }} + include /etc/nginx/additional_location_block_header; + proxy_pass {{ trim $proto }}://{{ trim $host }}; + {{ if (exists "/etc/nginx/additional_location_block_includes") }} + include /etc/nginx/additional_location_block_includes; + {{ end -}} + } + {{ end -}} } {{- end -}} From c35a9fd04f808c894fb5d9a1528efd938ed0dcf8 Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Mon, 22 Jun 2020 18:45:58 +0200 Subject: [PATCH 02/11] allow for dynamic ssl configuration --- sites.tmpl | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sites.tmpl b/sites.tmpl index ff7305b..c9fcd30 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -134,7 +134,7 @@ server { listen 443 ssl http2 {{ $default_server }}; access_log /var/log/nginx/access.log vhost; - {{ if (exists "/etc/nginx/ssl_protocols_and_ciphers") }} + {{ if (exists "/etc/nginx/ssl_protocols_and_ciphers") -}} include /etc/nginx/ssl_protocols_and_ciphers; {{ else }} ssl_protocols TLSv1 TLSv1.1 TLSv1.2; @@ -145,8 +145,12 @@ server { ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; - ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }}; - ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }}; + {{ if (exists "/etc/nginx/ssl_certificate_configuration") -}} + include /etc/nginx/ssl_certificate_configuration; + {{ else }} + ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }}; + ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }}; + {{ end -}} {{ if (exists (printf "/etc/nginx/certs/%s.dhparam.pem" $cert)) -}} ssl_dhparam {{ printf "/etc/nginx/certs/%s.dhparam.pem" $cert }}; From 22e445a4901fac2757b8c5a7f39273a0bf18ea0e Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Tue, 23 Jun 2020 15:23:23 +0200 Subject: [PATCH 03/11] add location_block_header to an annotation --- sites.tmpl | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/sites.tmpl b/sites.tmpl index c9fcd30..8a036ac 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -116,6 +116,8 @@ upstream {{ $host }} { {{/* Use the cert specified on the container or fallback to the best vhost match */}} {{ $cert := (coalesce $certName $vhostCert) -}} +{{ $location_block_header := $resource.ObjectMeta.Annotations.location_block_header -}} + {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} {{- if $is_https -}} @@ -177,14 +179,15 @@ server { {{ else if (exists "/etc/nginx/vhost.d/default_location") -}} include /etc/nginx/vhost.d/default_location; {{ end -}} - } - {{ if (exists "/etc/nginx/additional_location_block_header") }} - include /etc/nginx/additional_location_block_header; - proxy_pass {{ trim $proto }}://{{ trim $host }}; - {{ if (exists "/etc/nginx/additional_location_block_includes") }} - include /etc/nginx/additional_location_block_includes; - {{ end -}} - } + } + + {{ if (ne $location_block_header) -}} + location {{ (trim $location_blocker_header) }} { + proxy_pass {{ trim $proto }}://{{ trim $host }}; + {{ if (exists "/etc/nginx/additional_location_block_includes") -}} + include /etc/nginx/additional_location_block_includes; + {{ end -}} + } {{ end -}} } From b66b5393510dd2de50837bf7e04b60e0d6ed09b9 Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Tue, 23 Jun 2020 15:42:00 +0200 Subject: [PATCH 04/11] fix variable reference --- sites.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sites.tmpl b/sites.tmpl index 8a036ac..83be270 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -116,7 +116,7 @@ upstream {{ $host }} { {{/* Use the cert specified on the container or fallback to the best vhost match */}} {{ $cert := (coalesce $certName $vhostCert) -}} -{{ $location_block_header := $resource.ObjectMeta.Annotations.location_block_header -}} +{{ $location_block_header := $resources.ObjectMeta.Annotations.location_block_header -}} {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} From 210e129acb718767cd70c86af90dc06a8cf7013a Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Tue, 23 Jun 2020 16:25:32 +0200 Subject: [PATCH 05/11] reference variable correctly --- sites.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sites.tmpl b/sites.tmpl index 83be270..6e05ca8 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -182,7 +182,7 @@ server { } {{ if (ne $location_block_header) -}} - location {{ (trim $location_blocker_header) }} { + location {{ (trim $location_block_header) }} { proxy_pass {{ trim $proto }}://{{ trim $host }}; {{ if (exists "/etc/nginx/additional_location_block_includes") -}} include /etc/nginx/additional_location_block_includes; From 12c65f62808530db534847d33c7bbc84e33e5863 Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Tue, 23 Jun 2020 20:19:07 +0200 Subject: [PATCH 06/11] use group by keysto grab the variable --- sites.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sites.tmpl b/sites.tmpl index 6e05ca8..6fb5dfd 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -116,7 +116,7 @@ upstream {{ $host }} { {{/* Use the cert specified on the container or fallback to the best vhost match */}} {{ $cert := (coalesce $certName $vhostCert) -}} -{{ $location_block_header := $resources.ObjectMeta.Annotations.location_block_header -}} +{{ $location_block_header := (groupByKeys $resources "ObjectMeta.Annotations.location_block_header" | first) -}} {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} From 3556fc0401d02c6dd543cb524ebb6b25ea15be1f Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Wed, 24 Jun 2020 09:46:45 +0200 Subject: [PATCH 07/11] fix ne check --- sites.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sites.tmpl b/sites.tmpl index 6fb5dfd..2998da4 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -181,7 +181,7 @@ server { {{ end -}} } - {{ if (ne $location_block_header) -}} + {{ if (ne $location_block_header "") -}} location {{ (trim $location_block_header) }} { proxy_pass {{ trim $proto }}://{{ trim $host }}; {{ if (exists "/etc/nginx/additional_location_block_includes") -}} From eca2dd3834e05d104e8f9b933f69e6798c36c4b8 Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Wed, 24 Jun 2020 16:41:26 +0200 Subject: [PATCH 08/11] add in an additional server block that can dynamically add in location information --- sites.tmpl | 52 ++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 46 insertions(+), 6 deletions(-) diff --git a/sites.tmpl b/sites.tmpl index 2998da4..80f0c4f 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -117,6 +117,8 @@ upstream {{ $host }} { {{ $cert := (coalesce $certName $vhostCert) -}} {{ $location_block_header := (groupByKeys $resources "ObjectMeta.Annotations.location_block_header" | first) -}} +{{ $add_server_block := (groupByKeys $resources "ObjectMeta.Annotations.add_server_block" | first) -}} +{{ $server_block_server_name := (groupByKeys $resources "ObjectMeta.Annotations.server_block_server_name" | first) -}} {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} @@ -141,12 +143,11 @@ server { {{ else }} ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; + ssl_prefer_server_ciphers on; + ssl_session_timeout 5m; + ssl_session_cache shared:SSL:50m; {{ end -}} - ssl_prefer_server_ciphers on; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - {{ if (exists "/etc/nginx/ssl_certificate_configuration") -}} include /etc/nginx/ssl_certificate_configuration; {{ else }} @@ -170,6 +171,12 @@ server { location / { proxy_pass {{ trim $proto }}://{{ trim $host }}; + {{ if (exists "/etc/nginx/proxy-headers.conf") -}} + include /etc/nginx/proxy-headers.conf; + {{ end -}} + {{ if (exists "/etc/nginx/security-headers.conf") -}} + include /etc/nginx/security-headers.conf; + {{ end -}} {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) -}} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; @@ -184,13 +191,46 @@ server { {{ if (ne $location_block_header "") -}} location {{ (trim $location_block_header) }} { proxy_pass {{ trim $proto }}://{{ trim $host }}; - {{ if (exists "/etc/nginx/additional_location_block_includes") -}} - include /etc/nginx/additional_location_block_includes; + {{ if (exists "/etc/nginx/security-headers.conf") -}} + include /etc/nginx/security-headers.conf; + {{ end -}} + {{ if (exists "/etc/nginx/upgrade-protocol-headers.conf") -}} + include /etc/nginx/upgrade-protocol-headers.conf; {{ end -}} } {{ end -}} } +{{ if (eq $add_server_block "true") -}} +server { + listen 443 ssl http2 {{ $default_server }}; + access_log /var/log/nginx/access.log vhost; + server_name {{ $server_block_server_name }}; + + {{ if (exists "/etc/nginx/ssl_protocols_and_ciphers") -}} + include /etc/nginx/ssl_protocols_and_ciphers; + {{ else }} + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; + ssl_prefer_server_ciphers on; + ssl_session_timeout 5m; + ssl_session_cache shared:SSL:50m; + {{ end -}} + + {{ if (exists "/etc/nginx/ssl_certificate_configuration") -}} + include /etc/nginx/ssl_certificate_configuration; + {{ else }} + ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }}; + ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }}; + {{ end -}} + + {{ if (exists "/etc/nginx/server_block_location.conf") -}} + include /etc/nginx/server_block_location.conf; + {{ end -}} +} +{{- end -}} + + {{- end -}} {{- if or (not $is_https) (eq $https_method "noredirect") -}} From 284fa1e613bd9f0c3be2dfd0dbbc7be240e895ed Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Wed, 1 Jul 2020 10:59:45 +0200 Subject: [PATCH 09/11] remove add_server_block and add default empty string for location_block_header --- sites.tmpl | 33 +-------------------------------- 1 file changed, 1 insertion(+), 32 deletions(-) diff --git a/sites.tmpl b/sites.tmpl index 80f0c4f..7bfe348 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -116,9 +116,7 @@ upstream {{ $host }} { {{/* Use the cert specified on the container or fallback to the best vhost match */}} {{ $cert := (coalesce $certName $vhostCert) -}} -{{ $location_block_header := (groupByKeys $resources "ObjectMeta.Annotations.location_block_header" | first) -}} -{{ $add_server_block := (groupByKeys $resources "ObjectMeta.Annotations.add_server_block" | first) -}} -{{ $server_block_server_name := (groupByKeys $resources "ObjectMeta.Annotations.server_block_server_name" | first) -}} +{{ $location_block_header := coalesce $resource.ObjectMeta.Annotations.location_block_header "" -}} {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} @@ -201,35 +199,6 @@ server { {{ end -}} } -{{ if (eq $add_server_block "true") -}} -server { - listen 443 ssl http2 {{ $default_server }}; - access_log /var/log/nginx/access.log vhost; - server_name {{ $server_block_server_name }}; - - {{ if (exists "/etc/nginx/ssl_protocols_and_ciphers") -}} - include /etc/nginx/ssl_protocols_and_ciphers; - {{ else }} - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; - ssl_prefer_server_ciphers on; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - {{ end -}} - - {{ if (exists "/etc/nginx/ssl_certificate_configuration") -}} - include /etc/nginx/ssl_certificate_configuration; - {{ else }} - ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }}; - ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }}; - {{ end -}} - - {{ if (exists "/etc/nginx/server_block_location.conf") -}} - include /etc/nginx/server_block_location.conf; - {{ end -}} -} -{{- end -}} - {{- end -}} From b456528466ae8a92c71f4298e1557fc0bc3b86df Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Wed, 1 Jul 2020 11:25:21 +0200 Subject: [PATCH 10/11] get first available value then coalesce in case not provided --- sites.tmpl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sites.tmpl b/sites.tmpl index 7bfe348..510176d 100644 --- a/sites.tmpl +++ b/sites.tmpl @@ -116,7 +116,8 @@ upstream {{ $host }} { {{/* Use the cert specified on the container or fallback to the best vhost match */}} {{ $cert := (coalesce $certName $vhostCert) -}} -{{ $location_block_header := coalesce $resource.ObjectMeta.Annotations.location_block_header "" -}} +{{ $location_block_header_raw := (groupByKeys $resources "ObjectMeta.Annotations.location_block_header" | first) -}} +{{ $location_block_header := coalesce $location_block_header_raw "" -}} {{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) -}} From d7f5493df374e95c59a5c03d37be3b63f10975ba Mon Sep 17 00:00:00 2001 From: Khaliq Gant Date: Sun, 5 Jul 2020 16:12:16 +0200 Subject: [PATCH 11/11] remove dockerfile change --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ab300d0..2e91034 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM nginx:1.14.2 -LABEL maintainer="Khaliq Gant " +LABEL maintainer="Kyle McCullough " LABEL version="0.2.2"