Nginx docker image by appwilio. Based on official nginx image.
- brotli support
- mTLS runtime config
- watch ssl directory and auto reload on certificate update
| Variable | Default | Description |
|---|---|---|
| CLIENT_VERIFICATION | http://nginx.org/ru/docs/http/ngx_http_ssl_module.html#ssl_verify_client | |
| CLIENT_CA_FILENAME | client-ca.pem | |
| NGINX_SSL_ROOT | /etc/nginx/ssl | directory containing ssl keys and certificates |
| LOADBALANCER_SUBNET | 127.0.0.1 | PROXY_PROTOCOL trusted network |
| APP_ENV | production | Allow to run or omit some scripts depending environment |
- Mount client CA certificate (filename configured by
CLIENT_CA_FILENAMEenv variable) toNGINX_SSL_ROOT - Set
CLIENT_VERIFICATIONenvironment variable toon - Include
ssl-client.confin server configuration:
include ssl-client.conf;
- Compress static files with brotli
- Add load_module directive to nginx.conf:
load_module /usr/local/nginx/modules/ngx_http_brotli_static_module.so;
- Add directive to static location:
location /static/ {
brotli_static on;
}