пре 8 година · 0b1e9e56e1
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,9 +9,10 @@ RUN apt-get update \
 
				  && apt-get clean \
			
 
				  && rm -r /var/lib/apt/lists/*
			
 
				 
			
 
				-# Configure Nginx and apply fix for very long server names
			
 
				-RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
			
 
				- && sed -i 's/^http {/&\n    server_names_hash_bucket_size 128;/g' /etc/nginx/nginx.conf
			
 
				+# Generate dhparam.pem, configure Nginx, apply fix for very long server names
			
 
				+RUN openssl dhparam -out /etc/nginx/dhparam.pem 2048 \
			
 
				+ && echo "daemon off;" >> /etc/nginx/nginx.conf \
			
 
				+ && sed -i 's|^http {|&\n    server_names_hash_bucket_size 128;    ssl_dhparam /etc/nginx/dhparam.pem;|g' /etc/nginx/nginx.conf
			
 
				 
			
 
				 # Install Forego
			
 
				 ADD https://github.com/jwilder/forego/releases/download/v0.16.1/forego /usr/local/bin/forego
			
--- a/README.md
+++ b/README.md
@@ -142,9 +142,11 @@ hosts in use.  The certificate and keys should be named after the virtual host w
 
				 
			
 
				 #### Diffie-Hellman Groups
			
 
				 
			
 
				-If you have Diffie-Hellman groups enabled, the files should be named after the virtual host with a
			
 
				+Diffie-Hellman groups are enabled by default, with a pregenerated key in `/etc/nginx/dhparam.pem`.
			
 
				+You can mount a different `dhparam.pem` file at that location to override the default cert.
			
 
				+To use custom `dhparam.pem` files per-virtual-host, the files should be named after the virtual host with a
			
 
				 `dhparam` suffix and `.pem` extension. For example, a container with `VIRTUAL_HOST=foo.bar.com`
			
 
				-should have a `foo.bar.com.dhparam.pem` file in the certs directory.
			
 
				+should have a `foo.bar.com.dhparam.pem` file in the `/etc/nginx/certs` directory.
			
 
				 
			
 
				 #### Wildcard Certificates