This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
if [ "$EUID" -ne 0 ];then | |
>&2 echo "This script requires root level access to run" | |
exit 1 | |
fi | |
if [ -z "${WORDPRESS_DB_PASSWORD}" ]; then | |
>&2 echo "WORDPRESS_DB_PASSWORD must be set" | |
>&2 echo "Here is a random one that you can paste:" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
upstream warehouse_inventory { | |
zone inventory_service 64k; | |
server 10.0.0.1:80; | |
server 10.0.0.2:80; | |
server 10.0.0.3:80; | |
} | |
upstream warehouse_pricing { | |
zone pricing_service 64k; | |
server 10.0.0.7:80; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
location / { | |
auth_request /_oauth2_token_introspection; | |
proxy_pass http://my_backend; | |
} | |
location = /_oauth2_token_introspection { | |
internal; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ARG RELEASE=bookworm | |
FROM debian:${RELEASE}-slim | |
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" | |
# Define NGINX versions for NGINX Plus and NGINX Plus modules | |
# Uncomment this block and the versioned nginxPackages block in the main RUN | |
# instruction to install a specific release | |
# ARG RELEASE | |
# ENV NGINX_VERSION 31 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Banned</title> | |
<style> | |
body { | |
width: 35em; | |
margin: 0 auto; | |
font-family: Tahoma, Verdana, Arial, sans-serif; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is the backend application we are protecting with OpenID Connect | |
upstream cluster1-https { | |
zone cluster1-https 256k; | |
least_time last_byte; | |
keepalive 16; | |
#servers managed by NKL Controller | |
state /var/lib/nginx/state/cluster1-https.state; | |
} | |
# Custom log format to include the 'sub' claim in the REMOTE_USER field |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Builds NGINX from the QUIC+HTTP/3 development branch | |
# - Based on the official NGINX docker image, including all modules built by default | |
# - OpenSSL replaced with LibreSSL to support QUIC's TLS requirements (statically linked) | |
# | |
# docker build --no-cache -t nginx:quic . | |
# docker run -d -p 443:443 -p 443:443/udp nginx:quic | |
# | |
# Note that a suitable configuration file and TLS certificates are required for testing! | |
# See <https://quic.nginx.org/readme.html> for more info |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: k8s.nginx.org/v1 | |
kind: VirtualServer | |
metadata: | |
name: app-ingress | |
spec: | |
host: app.example.com | |
tls: | |
secret: app-secret-ecc | |
upstreams: | |
- name: web-server-payload |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function parseCSKVpairs(cskvpairs, key) { | |
if ( cskvpairs.length ) { | |
var kvpairs = cskvpairs.split(','); | |
for ( var i = 0; i < kvpairs.length; i++ ) { | |
var kvpair = kvpairs[i].split('='); | |
if ( kvpair[0].toUpperCase() == key ) { | |
return kvpair[1]; | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
js_import batch-api-min.js; | |
# keyval_zone for APIs where the last portion of the URI is an argument | |
# The key is the portion of the URL before the last part | |
keyval_zone zone=batch_api:64k state=/etc/nginx/state-files/batch-api.json; | |
keyval $uri_prefix $batch_api zone=batch_api; | |
# keyval_zone for APIs where the last portion of the URI is an argument | |
# The key is the URI | |
keyval_zone zone=batch_api2:64k state=/etc/nginx/state-files/batch-api2.json; |
NewerOlder