73 lines
2.5 KiB
PowerShell
73 lines
2.5 KiB
PowerShell
param(
|
|
[string]$Image = "nginx:alpine"
|
|
)
|
|
|
|
$ErrorActionPreference = "Stop"
|
|
|
|
$repoRoot = Split-Path -Parent $PSScriptRoot
|
|
|
|
$serverSnippetConfig = @(
|
|
"events {}"
|
|
""
|
|
"http {"
|
|
" include /etc/nginx/mime.types;"
|
|
" default_type application/octet-stream;"
|
|
""
|
|
" include /etc/nginx/kit/http/gzip.conf;"
|
|
" include /etc/nginx/kit/http/websocket-map.conf;"
|
|
""
|
|
" include /etc/nginx/kit/examples/example.com.conf;"
|
|
"}"
|
|
) -join "\n"
|
|
|
|
$serverSnippetConfigShell = $serverSnippetConfig -replace "`n", "\\n"
|
|
|
|
$optionalSnippetConfig = @(
|
|
"events {}"
|
|
""
|
|
"http {"
|
|
" include /etc/nginx/mime.types;"
|
|
" default_type application/octet-stream;"
|
|
""
|
|
" server {"
|
|
" listen 8080;"
|
|
" include /etc/nginx/kit/security-legacy.conf;"
|
|
""
|
|
" location /fastcgi {"
|
|
" include /etc/nginx/kit/fastcgi/hide-powered-by.conf;"
|
|
" }"
|
|
""
|
|
" location /proxy {"
|
|
" include /etc/nginx/kit/proxy_pass/hide-powered-by.conf;"
|
|
" }"
|
|
" }"
|
|
"}"
|
|
) -join "\n"
|
|
|
|
$optionalSnippetConfigShell = $optionalSnippetConfig -replace "`n", "\\n"
|
|
|
|
$containerCommand = @(
|
|
"set -eu"
|
|
"apk add --no-cache openssl >/dev/null"
|
|
"mkdir -p /etc/nginx/snippets/cert /etc/ssl/certimate /tmp/nginx-kit/snippets/cert /tmp/nginx-kit/examples/snippets/cert"
|
|
"openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/certimate/example.com.key -out /etc/ssl/certimate/example.com.crt -subj '/CN=example.com' -days 1 >/dev/null 2>&1"
|
|
"cp /etc/nginx/kit/templates/cert/example.com.conf /etc/nginx/snippets/cert/mydomain.com.conf"
|
|
"cp /etc/nginx/kit/templates/cert/example.com.conf /tmp/nginx-kit/snippets/cert/mydomain.com.conf"
|
|
"cp /etc/nginx/kit/templates/cert/example.com.conf /tmp/nginx-kit/examples/snippets/cert/mydomain.com.conf"
|
|
"ln -s /etc/nginx/kit /tmp/nginx-kit/kit"
|
|
"mkdir -p /tmp/nginx-kit/examples"
|
|
"ln -s /etc/nginx/kit /tmp/nginx-kit/examples/kit"
|
|
"cp /etc/nginx/kit/examples/reverse-proxy.nginx.conf /tmp/nginx-kit/examples/reverse-proxy.nginx.conf"
|
|
"printf '%b' '$serverSnippetConfigShell' > /tmp/nginx-kit/server-snippet.nginx.conf"
|
|
"printf '%b' '$optionalSnippetConfigShell' > /tmp/nginx-kit/optional-snippets.nginx.conf"
|
|
"echo 'Validating examples/example.com.conf'"
|
|
"nginx -t -c /tmp/nginx-kit/server-snippet.nginx.conf"
|
|
"echo 'Validating examples/reverse-proxy.nginx.conf'"
|
|
"nginx -t -c /tmp/nginx-kit/examples/reverse-proxy.nginx.conf"
|
|
"echo 'Validating optional security and hide-powered-by snippets'"
|
|
"nginx -t -c /tmp/nginx-kit/optional-snippets.nginx.conf"
|
|
) -join "; "
|
|
|
|
docker run --rm `
|
|
-v "${repoRoot}:/etc/nginx/kit:ro" `
|
|
$Image sh -lc $containerCommand
|