Fabio/nginx-proxy-auto-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Add proxy timeout settings

Browse source
This commit is contained in:
Abel Ferreira 2021-04-26 18:05:18 -03:00
parent 411d0064e2
commit 730b389e02
2 changed files with 23 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
README.md
View file

@ -150,6 +150,12 @@ When `HTTPS_METHOD=redirect` defined in container, the default https redirect po
$ docker run -d -p 80:80 -e DEFAULT_HTTPS_REDIRECT_PORT=8443 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
### Default proxy timeout
The default proxy timeout time will be 60s for all conteiners, set the env var `DEFAULT_PROXY_TIMEOUT=2m` in nginx container to change this behavior, for example:
$ docker run -d -p 80:80 -e DEFAULT_PROXY_TIMEOUT=300s -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
### Separate Containers
@ -300,7 +306,12 @@ window / different browser.
### HTTPS External redirect port per container config
By default when `HTTPS_METHOD=redirect` nginx will redirect connections on port HTPP 80 to 443 port or value defined in `DEFAULT_HTTPS_REDIRECT_PORT`, with `HTTPS_REDIRECT_PORT=port` you can change this behavior to another port, for example `HTTPS_REDIRECT_PORT=8443`
By default when `HTTPS_METHOD=redirect` nginx will redirect connections on port HTPP 80 to 443 port or value defined in `DEFAULT_HTTPS_REDIRECT_PORT`, with `HTTPS_REDIRECT_PORT=port` you can change this behavior by container to another port, for example `HTTPS_REDIRECT_PORT=8443`
### PROXY Timeout
By default nginx will drop a connection after 60s or value defined in `DEFAULT_PROXY_TIMEOUT`, with `PROXY_TIMEOUT=time` you can change this behavior by container to another time, for example `PROXY_TIMEOUT=180s`
### HSTS

13
nginx.tmpl
View file

@ -207,6 +207,7 @@ upstream {{ $upstream_name }} {
{{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
{{ $default_server := index (dict $host "" $default_host "default_server") $host }}
{{ $default_https_redirect_port := or ($.Env.DEFAULT_HTTPS_REDIRECT_PORT) "443" }}
{{ $default_proxy_timeout := or ($.Env.DEFAULT_PROXY_TIMEOUT) "60s" }}
{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
{{ $proto := trim (or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http") }}
@ -220,6 +221,9 @@ upstream {{ $upstream_name }} {
{{/* Get the HTTPS_REDIRECT_PORT defined by containers w/ the same vhost, falling back to "443" */}}
{{ $https_redirect_port := or (first (groupByKeys $containers "Env.HTTPS_REDIRECT_PORT")) (or $.Env.HTTPS_REDIRECT_PORT $default_https_redirect_port) }}
{{/* Get the PROXY_TIMEOUT defined by containers w/ the same vhost, falling back to "60s" */}}
{{ $proxy_timeout := or (first (groupByKeys $containers "Env.PROXY_TIMEOUT")) (or $.Env.PROXY_TIMEOUT $default_proxy_timeout)) }}
{{/* Get the SSL_POLICY defined by containers w/ the same vhost, falling back to empty string (use default) */}}
{{ $ssl_policy := or (first (groupByKeys $containers "Env.SSL_POLICY")) "" }}
@ -255,7 +259,7 @@ server {
listen [::]:{{ $external_http_port }} {{ $default_server }};
{{ end }}
{{ $access_log }}
# Do not HTTPS redirect Let'sEncrypt ACME challenge
location /.well-known/acme-challenge/ {
auth_basic off;
@ -264,7 +268,7 @@ server {
try_files $uri =404;
break;
}
location / {
return 301 https://$host:{{ $https_redirect_port }}$request_uri;
}
@ -290,6 +294,11 @@ server {
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
send_timeout {{ $proxy_timeout }};
proxy_connect_timeout {{ $proxy_timeout }};
proxy_send_timeout {{ $proxy_timeout }};
proxy_read_timeout {{ $proxy_timeout }};
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};