diff --git a/.docker/nginx.conf b/.docker/nginx.conf new file mode 100644 index 0000000..4edef0a --- /dev/null +++ b/.docker/nginx.conf @@ -0,0 +1,53 @@ +upstream cdn { + server cdn.gallerix.asia:443; +} + +upstream v { + server v.gallerix.org:443; +} + + +server { + listen 80 default_server; + server_name cdn.14159.mov; + + if ($request_method !~ ^(GET|HEAD)$ ) { + return 405; + } + + location = / { + return 418; + } + + location ^~ /status { + access_log off; + log_not_found off; + default_type application/json; + if ($http_user_agent ~* (UptimeRobot)){ + return 200 '{"status": "success", "messages": "status check."}'; + } + return 444; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + location ^~ /x/ { + proxy_pass_header Server; + include /etc/nginx/proxy-header.conf; + proxy_pass https://cdn; + expires max; + } + + location ^~ /B/ { + proxy_pass_header Server; + include /etc/nginx/proxy-header.conf; + proxy_pass https://v; + expires max; + } + + location ~ /\.(?!well-known).* { + log_not_found off; + deny all; + } +} \ No newline at end of file diff --git a/.docker/proxy-header.conf b/.docker/proxy-header.conf new file mode 100644 index 0000000..9268bd5 --- /dev/null +++ b/.docker/proxy-header.conf @@ -0,0 +1,7 @@ +proxy_set_header Accept-Encoding ''; +proxy_redirect off; +proxy_set_header Host $http_host; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto https; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Scheme $scheme; \ No newline at end of file diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..0559506 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +.git +.github +Dockerfile* +*.md +LICENSE \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..9633ec1 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit : 10 + # Enable version updates for npm + - package-ecosystem: 'docker' + # Look for `package.json` and `lock` files in the `root` directory + directory: '/' + # Check the npm registry for updates every day (weekdays) + schedule: + interval: 'weekly' \ No newline at end of file diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..64dd64a --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,11 @@ +name: Merge PRs +on: + pull_request: + +jobs: + automerge: + name: Auto Merge + if: ${{ github.actor == 'dependabot[bot]' }} + uses: bytefloat/workflows/.github/workflows/dependabot-auto-merge.yml@main + secrets: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..ea163f8 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,23 @@ +name: Release Images + +on: + schedule: + - cron: "0 8 * * *" # everyday at 8am UTC + release: + types: [published] + push: + branches: + - main + tags: + - "v*" + workflow_dispatch: + +jobs: + registry: + name: Build & Push + uses: bytefloat/workflows/.github/workflows/docker-build.yml@main + with: + custom-image: 'fspnetwork/nginx:latest' + secrets: + DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_TOKEN }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..748977c --- /dev/null +++ b/Dockerfile @@ -0,0 +1,3 @@ +FROM nginx:latest +COPY .docker/proxy-header.conf /etc/nginx/proxy-header.conf +COPY .docker/nginx.conf /etc/nginx/conf.d/default.conf \ No newline at end of file