param( [string]$Image = "nginx:alpine" ) $ErrorActionPreference = "Stop" $repoRoot = Split-Path -Parent $PSScriptRoot $serverSnippetConfig = @( "events {}" "" "http {" " include /etc/nginx/mime.types;" " default_type application/octet-stream;" "" " include /etc/nginx/kit/http/gzip.conf;" " include /etc/nginx/kit/http/websocket-map.conf;" "" " include /etc/nginx/kit/examples/example.com.conf;" "}" ) -join "\n" $serverSnippetConfigShell = $serverSnippetConfig -replace "`n", "\\n" $optionalSnippetConfig = @( "events {}" "" "http {" " include /etc/nginx/mime.types;" " default_type application/octet-stream;" "" " server {" " listen 8080;" " include /etc/nginx/kit/security-legacy.conf;" "" " location /fastcgi {" " include /etc/nginx/kit/fastcgi/hide-powered-by.conf;" " include /etc/nginx/kit/fastcgi/timeout-300.conf;" " }" "" " location /proxy {" " include /etc/nginx/kit/proxy_pass/hide-powered-by.conf;" " }" " }" "}" ) -join "\n" $optionalSnippetConfigShell = $optionalSnippetConfig -replace "`n", "\\n" $advancedProxyConfig = @( "events {}" "" "http {" " include /etc/nginx/mime.types;" " default_type application/octet-stream;" "" " include /etc/nginx/kit/http/log-format-upstream.conf;" "" " server {" " include /etc/nginx/kit/listen/http.conf;" " server_name streaming.example.com;" " access_log /var/log/nginx/streaming.access.log upstream_timing;" "" " location /events/ {" " include /etc/nginx/kit/proxy_pass/forwarded.conf;" " include /etc/nginx/kit/proxy_pass/streaming.conf;" " include /etc/nginx/kit/proxy_pass/timeout-300.conf;" " proxy_pass http://127.0.0.1:9000;" " }" "" " location /secure-upstream/ {" " include /etc/nginx/kit/proxy_pass/forwarded.conf;" " include /etc/nginx/kit/proxy_pass/https-upstream.conf;" " proxy_pass https://example.com;" " }" " }" "}" ) -join "\n" $advancedProxyConfigShell = $advancedProxyConfig -replace "`n", "\\n" $modernHttp2Config = @( "events {}" "" "http {" " include /etc/nginx/mime.types;" " default_type application/octet-stream;" "" " server {" " include /etc/nginx/kit/listen/http.conf;" " include /etc/nginx/kit/listen/https.conf;" " include /etc/nginx/kit/listen/http2.conf;" " include /etc/nginx/snippets/cert/mydomain.com.conf;" " server_name modern.example.com;" " }" "}" ) -join "\n" $modernHttp2ConfigShell = $modernHttp2Config -replace "`n", "\\n" $containerCommand = @( "set -eu" "apk add --no-cache openssl >/dev/null" "mkdir -p /etc/nginx/snippets/cert /etc/ssl/certimate /tmp/nginx-kit/snippets/cert /tmp/nginx-kit/examples/snippets/cert" "openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/certimate/example.com.key -out /etc/ssl/certimate/example.com.crt -subj '/CN=example.com' -days 1 >/dev/null 2>&1" "cp /etc/nginx/kit/templates/cert/example.com.conf /etc/nginx/snippets/cert/mydomain.com.conf" "cp /etc/nginx/kit/templates/cert/example.com.conf /tmp/nginx-kit/snippets/cert/mydomain.com.conf" "cp /etc/nginx/kit/templates/cert/example.com.conf /tmp/nginx-kit/examples/snippets/cert/mydomain.com.conf" "ln -s /etc/nginx/kit /tmp/nginx-kit/kit" "mkdir -p /tmp/nginx-kit/examples" "ln -s /etc/nginx/kit /tmp/nginx-kit/examples/kit" "cp /etc/nginx/kit/examples/reverse-proxy.nginx.conf /tmp/nginx-kit/examples/reverse-proxy.nginx.conf" "printf '%b' '$serverSnippetConfigShell' > /tmp/nginx-kit/server-snippet.nginx.conf" "printf '%b' '$optionalSnippetConfigShell' > /tmp/nginx-kit/optional-snippets.nginx.conf" "printf '%b' '$advancedProxyConfigShell' > /tmp/nginx-kit/advanced-proxy.nginx.conf" "printf '%b' '$modernHttp2ConfigShell' > /tmp/nginx-kit/modern-http2.nginx.conf" "echo 'Validating examples/example.com.conf'" "nginx -t -c /tmp/nginx-kit/server-snippet.nginx.conf" "echo 'Validating examples/reverse-proxy.nginx.conf'" "nginx -t -c /tmp/nginx-kit/examples/reverse-proxy.nginx.conf" "echo 'Validating optional security and hide-powered-by snippets'" "nginx -t -c /tmp/nginx-kit/optional-snippets.nginx.conf" "echo 'Validating optional upstream logging, streaming, and HTTPS-upstream snippets'" "nginx -t -c /tmp/nginx-kit/advanced-proxy.nginx.conf" "echo 'Validating modern http2 on snippets'" "nginx -t -c /tmp/nginx-kit/modern-http2.nginx.conf" ) -join "; " docker run --rm ` -v "${repoRoot}:/etc/nginx/kit:ro" ` $Image sh -lc $containerCommand