Skip to content

Commit

Permalink
Update gateway with latest nginx and adjust conf templates, adjust SM…
Browse files Browse the repository at this point in the history 
…C build for 1.9.86
  • Loading branch information
@frankyrumple
frankyrumple committed Jan 9, 2024
1 parent ac2ad5c commit 6740f24
Show file tree
Hide file tree
Showing 5 changed files with 19 additions and 13 deletions.
4 changes: 2 additions & 2 deletions docker_build_files/ope-gateway/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#FROM nginx:1.11.3
#
FROM jwilder/nginx-proxy:alpine
LABEL rebuild=7
LABEL rebuild=8

# ope-gateway - Open Prison Education gateway device
# Build: Follow instructions at https://github.com/operepo/ope
Expand All @@ -13,7 +13,7 @@ LABEL version="0.8"

ARG VERSION=dev

RUN apk add nano
RUN apk add nano openssl


LABEL rebuild=139
Expand Down
3 changes: 2 additions & 1 deletion docker_build_files/ope-gateway/gateway.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ server {
}
server {
server_name gateway.<DOMAIN>;
listen 443 ssl http2;
listen 443 ssl;
http2 on;
access_log /var/log/nginx/access.log vhost2;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
Expand Down
3 changes: 2 additions & 1 deletion docker_build_files/ope-gateway/nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,4 +36,5 @@ http {

include /etc/nginx/conf.d/*.conf;
}
daemon off;

# daemon off;
15 changes: 9 additions & 6 deletions docker_build_files/ope-gateway/nginx.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,9 +157,10 @@ server {
{{ if (and (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}
server {
server_name _; # This is just an invalid value which will never trigger on a real hostname.
listen {{ $external_https_port }} ssl http2;
listen {{ $external_https_port }} ssl;
http2 on;
{{ if $enable_ipv6 }}
listen [::]:{{ $external_https_port }} ssl http2;
listen [::]:{{ $external_https_port }} ssl;
{{ end }}
{{ $access_log }}
return 503;
Expand Down Expand Up @@ -305,9 +306,10 @@ server {

server {
server_name {{ $host }};
listen {{ $external_https_port }} ssl http2 {{ $default_server }};
listen {{ $external_https_port }} ssl {{ $default_server }};
http2 on;
{{ if $enable_ipv6 }}
listen [::]:{{ $external_https_port }} ssl http2 {{ $default_server }};
listen [::]:{{ $external_https_port }} ssl {{ $default_server }};
{{ end }}
{{ $access_log }}

Expand Down Expand Up @@ -499,9 +501,10 @@ server {
{{ if (and (not $is_https) (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}
server {
server_name {{ $host }};
listen {{ $external_https_port }} ssl http2 {{ $default_server }};
listen {{ $external_https_port }} ssl {{ $default_server }};
http2 on;
{{ if $enable_ipv6 }}
listen [::]:{{ $external_https_port }} ssl http2 {{ $default_server }};
listen [::]:{{ $external_https_port }} ssl {{ $default_server }};
{{ end }}
{{ $access_log }}

Expand Down
7 changes: 4 additions & 3 deletions docker_build_files/ope-smc/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,14 @@ RUN apk update \
&& python -m pip install --upgrade setuptools ldap3 pycryptodome requests \
paramiko ecdsa isodate pywinrm crypto PyMySQL \
psycopg2-binary uwsgi uwsgitop psutil redis pycanvas lz4 \
webvtt-py langcodes language_data bs4 lxml openpyxl Pillow WeasyPrint uwsgitop \
webvtt-py langcodes language_data bs4 lxml openpyxl Pillow WeasyPrint uwsgitop pydantic pylti1p3
# && python -m pip install xlrd==1.2.0 \
# pytube3 - use fix 701 for now
#pip install git+https://github.com/nficano/pytube.git@refs/pull/701/head
# matplotlib reportlab ldap pycrypto changed to pycryptodome python-ldap changed to ldap3
&& FFMPEG_VER=3.4.2 \
&& curl -s http://ffmpeg.org/releases/ffmpeg-${FFMPEG_VER}.tar.gz | tar zxvf - -C . \
# FFMPEG_VER=3.4.9
RUN FFMPEG_VER=3.4.9 \
&& curl -s https://ffmpeg.org/releases/ffmpeg-${FFMPEG_VER}.tar.gz | tar zxvf - -C . \
&& cd ffmpeg-${FFMPEG_VER} \
&& ./configure \
--disable-debug --enable-version3 --enable-small --enable-gpl \
Expand Down

0 comments on commit 6740f24

Please sign in to comment.