cloudron-box

Author	SHA1	Message	Date
Girish Ramakrishnan	8907b692c1	nginx: do not log query params	2025-11-24 14:11:06 +01:00
Girish Ramakrishnan	b26c8d20cd	network: add trusted ips This allows the user to set trusted ips to Cloudflare or some other CDN and have the logs have the correct IPs. fixes #801	2023-05-13 16:15:47 +02:00
Girish Ramakrishnan	e3b0d3960a	reverseproxy: create configs in subdirectories for easy management	2022-11-17 12:16:11 +01:00
Girish Ramakrishnan	6492c9b71f	nginx: remove combined2 custom log format collectd does not use this anymore (`eb47476c83`) This makes nginx work better with a variety of tools like Wazuh and ossec https://forum.cloudron.io/topic/6077/nginx-logs-format/ https://forum.cloudron.io/topic/6161/implement-default-nginx-logging	2021-12-13 10:47:12 -08:00
Girish Ramakrishnan	0f9168052a	nginx: add separate endpoint for ip/setup screens 'setup' endpoint for setup/restore. we show the setup wizard. 'ip' endpoint is post activation. we show a splash screen here. Also, the https://ip will not respond to any api calls anymore (since this will leak the admin fqdn otherwise). We should probably make this customizable at some point. Fixes #739	2020-09-23 23:07:40 -07:00
Girish Ramakrishnan	5cd3df4869	better nginx config for higher loads	2020-05-25 15:25:00 -07:00
Girish Ramakrishnan	014b77b7aa	Fix LE cert renewal failures LE contacts the server by hostname and not by IP. This means that when installing and reconfiguring the app it hits the default_server route since nginx configs for the app are not generated at. When doing in the daily cert renew, the nginx configs exist and we are unable to renew the certs.	2017-11-02 11:43:43 -07:00
Girish Ramakrishnan	6dd70c0ef2	acme challenges must be answered by default_server The challenge must be answered even before app nginx config is available.	2017-10-28 23:39:03 -07:00
Girish Ramakrishnan	3dedda32d4	Configure http server to only listen on known vhosts/IP For the rest it returns 404 Fixes #446	2017-10-27 00:10:50 -07:00
Johannes Zellner	e50e0f730b	Make nginx listen on :: for ipv6	2017-09-20 16:33:25 +02:00
Girish Ramakrishnan	db7a4b75ae	log the host in nginx logs	2017-07-21 09:43:44 -07:00
Girish Ramakrishnan	b5aed7b00a	Set full path for nginx access log	2017-07-18 21:49:12 -07:00
Johannes Zellner	602f8bcd04	Split platform and app data folders and get rid of btrfs volumes	2017-04-04 12:34:55 +02:00
Girish Ramakrishnan	ffbda22145	Fine tune rate limits a bit more	2017-03-29 16:03:08 -07:00
Girish Ramakrishnan	18e59c4754	Rate limit nginx routes that verify the password Also remove rate-limit middleware Test using something like: ab -v 1 -n 1000 -c 10 -s 5 -m POST https://my.<doamain>/api/v1/developer/login Part of #187	2017-03-27 00:06:42 -07:00
Girish Ramakrishnan	6a523606ca	Revert "Bump version to Nginx IPv6 support." This reverts commit `5555321cf5`. This reverts commit `f087ebbee0`. This reverts commit `d04f64d3d4`. Part of #264	2017-03-19 14:25:30 -07:00
Jonah Aragon	f087ebbee0	Add `listen [::]:80;` for IPv6 redirects.	2017-03-17 19:13:18 +00:00
Johannes Zellner	9b9d30c092	Remove commented out section of the nginx.conf	2017-01-11 00:09:51 +01:00
Johannes Zellner	801c40420c	Create setup nginx config and cert for ip setup	2017-01-05 16:02:03 +01:00
Girish Ramakrishnan	dfa08469d6	set timeouts explicitly	2016-06-01 17:33:28 -07:00
Girish Ramakrishnan	d798073d95	fix comment of default_server	2016-06-01 17:28:15 -07:00
Girish Ramakrishnan	41632b8c11	fix favicon of naked domain	2016-06-01 17:27:39 -07:00
Girish Ramakrishnan	eb29bdd575	document keepalive_timeout	2016-06-01 16:51:52 -07:00
Johannes Zellner	63c06a508e	Make /api available on just the IP We might want to also show something else than the naked domain placeholder page when just accessing the ip	2016-01-24 12:08:10 +01:00
Girish Ramakrishnan	1874c93c5c	no need to template main nginx config	2015-12-10 13:54:53 -08:00

25 Commits