- Docker images
- Environment variables
- Nginx modules
- Virtual hosts presets
- Customization
- Orchestration actions
❗For better reliability we release images with stability tags (wodby/nginx:1.15-X.X.X) which correspond to git tags. We strongly recommend using images only with stability tags.
Overview:
- All images are based on Alpine Linux
- Base image: wodby/alpine
- Travis CI builds
- Docker Hub
Supported tags and respective Dockerfile links:
1.15,1,latest(Dockerfile)1.14(Dockerfile)1.13(Dockerfile)
| Variable | Default Value | Description |
|---|---|---|
NGINX_ALLOW_ACCESS_HIDDEN_FILES |
||
NGINX_BACKEND_FAIL_TIMEOUT |
0 |
|
NGINX_BACKEND_HOST |
Varies with a preset | |
NGINX_BACKEND_PORT |
Varies with a preset | |
NGINX_CLIENT_BODY_BUFFER_SIZE |
16k |
|
NGINX_CLIENT_BODY_TIMEOUT |
60s |
|
NGINX_CLIENT_HEADER_BUFFER_SIZE |
4k |
|
NGINX_CLIENT_HEADER_TIMEOUT |
60s |
|
NGINX_CLIENT_MAX_BODY_SIZE |
32m |
|
NGINX_CONF_INCLUDE |
conf.d/*.conf |
|
NGINX_DISABLE_CACHING |
||
NGINX_DRUPAL_ALLOW_XML_ENDPOINTS |
||
NGINX_DRUPAL_FILE_PROXY_URL |
e.g. http://dev.example.com |
|
NGINX_DRUPAL_HIDE_HEADERS |
||
NGINX_DRUPAL_XMLRPC_SERVER_NAME |
Drupal 6/7 only | |
NGINX_ERROR_403_URI |
||
NGINX_ERROR_404_URI |
||
NGINX_ERROR_LOG_LEVEL |
error |
|
NGINX_ERROR_MESSAGE_50x |
||
NGINX_FASTCGI_BUFFER_SIZE |
32k |
For PHP-based presets only |
NGINX_FASTCGI_BUFFERS |
16 32k |
For PHP-based presets only |
NGINX_FASTCGI_INDEX |
index.php |
For PHP-based presets only |
NGINX_FASTCGI_INTERCEPT_ERRORS |
on |
For PHP-based presets only |
NGINX_FASTCGI_READ_TIMEOUT |
900 |
For PHP-based presets only |
NGINX_GZIP_BUFFERS |
16 8k |
|
NGINX_GZIP_COMP_LEVEL |
1 |
|
NGINX_GZIP_DISABLE |
msie6 |
|
NGINX_GZIP_HTTP_VERSION |
1.1 |
|
NGINX_GZIP_MIN_LENGTH |
20 |
|
NGINX_GZIP_PROXIED |
any |
|
NGINX_GZIP_VARY |
on |
|
NGINX_GZIP |
on |
|
NGINX_HIDE_50x_ERRORS |
||
NGINX_HTTP2 |
||
NGINX_INDEX_FILE |
Varies with a preset | Hard-coded for Drupal and WP |
NGINX_KEEPALIVE_REQUESTS |
100 |
|
NGINX_KEEPALIVE_TIMEOUT |
75s |
|
NGINX_LARGE_CLIENT_HEADER_BUFFERS |
8 16k |
|
NGINX_LOG_FORMAT_OVERRIDE |
||
NGINX_MODSECURITY_ENABLED |
See ModSecurity | |
NGINX_MODSECURITY_INBOUND_ANOMALY_SCORE_THRESHOLD |
7 |
|
NGINX_MODSECURITY_OUTBOUND_ANOMALY_SCORE_THRESHOLD |
7 |
|
NGINX_MODSECURITY_POST_CORE_RULES |
Location to rules loaded after CRS | |
NGINX_MODSECURITY_PRE_CORE_RULES |
Location to rules loaded before CRS | |
NGINX_MODSECURITY_USE_OWASP_CRS |
See ModSecurity | |
NGINX_MULTI
8000
_ACCEPT |
on |
|
NGINX_NO_DEFAULT_HEADERS |
||
NGINX_PAGESPEED_ENABLE_FILTERS |
||
NGINX_PAGESPEED_ENABLED |
See PageSpeed | |
NGINX_PAGESPEED_FILE_CACHE_PATH |
/var/cache/ngx_pagespeed/ |
|
NGINX_PAGESPEED_PRESERVE_URL_RELATIVITY |
on |
|
NGINX_PAGESPEED_REWRITE_LEVEL |
CoreFilters |
|
NGINX_PAGESPEED_STATIC_ASSET_PREFIX |
/pagespeed_static |
|
NGINX_PAGESPEED |
on |
See PageSpeed |
NGINX_REAL_IP_HEADER |
X-Real-IP |
|
NGINX_REAL_IP_RECURSIVE |
off |
|
NGINX_RESET_TIMEDOUT_CONNECTION |
off |
|
NGINX_SEND_TIMEOUT |
60s |
|
NGINX_SENDFILE |
on |
|
NGINX_SERVER_EXTRA_CONF_FILEPATH |
||
NGINX_SERVER_NAME |
default |
|
NGINX_SERVER_ROOT |
/var/www/html |
|
NGINX_SERVER_TOKENS |
off |
|
NGINX_SET_REAL_IP_FROM |
||
NGINX_STATIC_404_TRY_INDEX |
||
NGINX_STATIC_ACCESS_LOG |
off |
|
NGINX_STATIC_EXPIRES |
7d |
|
NGINX_STATIC_MP4_BUFFER_SIZE |
1M |
|
NGINX_STATIC_MP4_MAX_BUFFER_SIZE |
5M |
|
NGINX_STATIC_OPEN_FILE_CACHE_ERRORS |
on |
|
NGINX_STATIC_OPEN_FILE_CACHE_MIN_USES |
2 |
|
NGINX_STATIC_OPEN_FILE_CACHE_VALID |
30s |
|
NGINX_STATIC_OPEN_FILE_CACHE |
max=1000 inactive=30s |
|
NGINX_TCP_NODELAY |
on |
|
NGINX_TCP_NOPUSH |
on |
|
NGINX_TRACK_UPLOADS |
uploads 60s |
|
NGINX_UNDERSCORES_IN_HEADERS |
off |
|
NGINX_UPLOAD_PROGRESS |
uploads 1m |
|
NGINX_USER |
nginx |
|
NGINX_VHOST_NO_DEFAULTS |
||
NGINX_VHOST_PRESET |
html |
|
NGINX_WORKER_CONNECTIONS |
1024 |
|
NGINX_WORKER_PROCESSES |
auto |
Static files extension defined via the regex and can be overridden via the env var NGINX_STATIC_EXT_REGEX, default:
css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt
Some environment variables can be overridden or added per preset.
| Component | Version |
|---|---|
| PageSpeed Nginx module | 1.13.35.2 |
| PageSpeed Library | 1.13.35.2 |
To enable Apache PageSpeed module set $NGINX_PAGESPEED_ENABLED to any value. Additionally, you can change module status via $NGINX_PAGESPEED (set to on by default) and configure it via $NGINX_PAGESPEED_ environment variables.
| Component | Version |
|---|---|
| ModSecurity Nginx module | 1.0.0 |
| ModSecurity Library | 3.0.3 |
| OWASP CRS | 3.1.0 |
ModSecurity is disabled by default, to enable set $NGINX_MODSECURITY_ENABLED to any value. Additionally, you can enable OWASP Core Rule Set (CRS) by setting $NGINX_MODSECURITY_USE_OWASP_CRS to any value, ️be wary since it may block some requests with the default configuration. See env vars starting with $NGINX_MODSECURITY_ for advanced configuration.
By default will be used html virtual host preset, you can change it via env var $NGINX_VHOST_PRESET. The list of available presets:
This is the default preset.
| Variable | Default Value |
|---|---|
NGINX_INDEX_FILE |
index.html |
- Preset template
- Usage: this preset selected by default
- Preset template
- Usage: add
NGINX_VHOST_PRESET=http-proxyandNGINX_BACKEND_HOST=[host]
Additional environment variables for HTTP proxy preset:
| Variable | Default Value |
|---|---|
NGINX_BACKEND_HOST |
|
NGINX_BACKEND_PORT |
8080 |
Additional environment variables for all PHP-based presets:
| Variable | Default Value |
|---|---|
NGINX_BACKEND_HOST |
php |
NGINX_BACKEND_PORT |
9000 |
| Variable | Default Value |
|---|---|
NGINX_INDEX_FILE |
index.php index.html |
- Preset template
- Usage: add
NGINX_VHOST_PRESET=php, optionally modifyNGINX_BACKEND_HOST
- Preset template
- Usage: add
NGINX_VHOST_PRESET=wordpress, optionally modifyNGINX_BACKEND_HOST - Access to
*.txtfiles allowed only if they are located in uploads directory
- Preset templates: Drupal 8, Drupal 7, Drupal 6
- Usage: add
NGINX_VHOST_PRESET=with the value ofdrupal8,drupal7ordrupal6. Optionally modifyNGINX_BACKEND_HOST - If you want to use stage_file_proxy module, set
$NGINX_STATIC_404_TRY_INDEX=1to redirect 404 static files requests to Drupal - Access to
*.txtfiles allowed only if they are located in files directory
You can use a custom by preset by mounting your preset to /etc/gotpl/presets/[my-preset-name].conf.tmpl and setting $NGINX_VHOST_PRESET=[my-preset-name].
To disable presets set $NGINX_VHOST_PRESET=""
- Disable default recommended headers via
$NGINX_NO_DEFAULT_HEADERS(defined innginx.conf) - Disable default rules included in virtual host via
$NGINX_VHOST_NO_DEFAULTS - Add extra locations via
$NGINX_SERVER_EXTRA_CONF_FILEPATH=/filepath/to/nginx-locations.conf, the file will be included at the end of virtual host config (servercontext) - Define custom preset
- Completely override include of the virtual host config by overriding
NGINX_CONF_INCLUDE, it will be included innginx.conf
Usage:
make COMMAND [params ...]
commands:
git-clone [url branch]
git-checkout [target is_hash]
check-ready [host max_try wait_seconds delay_seconds]
default params values:
host localhost
max_try 1
wait_seconds 1
delay_seconds 0
is_hash 0
branch ""