diff --git a/telize/Dockerfile b/telize/Dockerfile new file mode 100644 index 0000000..6b8aaec --- /dev/null +++ b/telize/Dockerfile @@ -0,0 +1,43 @@ +FROM debian:jessie +MAINTAINER Jessica Frazelle + +RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 \ + && echo "deb http://nginx.org/packages/mainline/debian/ jessie nginx" >> /etc/apt/sources.list + +RUN apt-get update && apt-get install -y \ + ca-certificates \ + lua-cjson \ + lua-iconv \ + nginx-extras \ + --no-install-recommends \ + && rm -rf /var/lib/apt/lists/* + +# forward request and error logs to docker log collector +RUN ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log + +COPY nginx.conf /etc/nginx/nginx.conf +COPY mime.types /etc/nginx/mime.types + +EXPOSE 80 443 + +RUN buildDeps=' \ + curl \ + git \ + ' \ + && set -x \ + && apt-get update && apt-get install -y $buildDeps --no-install-recommends \ + && rm -rf /var/lib/apt/lists/* \ + && mkdir -p /usr/share/GeoIP \ + && curl -sSL https://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz -o /usr/share/GeoIP/GeoIP.dat.gz \ + && curl -sSL http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz -o /usr/share/GeoIP/GeoLiteCity.dat.gz \ + && curl -sSL http://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz -o /usr/share/GeoIP/GeoIPASNum.dat.gz \ + && gunzip /usr/share/GeoIP/*gz \ + && git clone https://github.com/fcambus/telize.git /usr/src/telize \ + && cd /usr/src/telize \ + && cp timezone*.conf /etc/nginx/ \ + && cp telize /etc/nginx/conf.d/telize.conf \ + && rm -rf /usr/src/telize \ + && apt-get purge -y --auto-remove $buildDeps + +CMD ["nginx", "-g", "daemon off;"] diff --git a/telize/mime.types b/telize/mime.types new file mode 100644 index 0000000..94c31f1 --- /dev/null +++ b/telize/mime.types @@ -0,0 +1,109 @@ +types { + +# Audio + audio/midi mid midi kar; + audio/mp4 aac f4a f4b m4a; + audio/mpeg mp3; + audio/ogg oga ogg; + audio/x-realaudio ra; + audio/x-wav wav; + +# Images + image/bmp bmp; + image/gif gif; + image/jpeg jpeg jpg; + image/png png; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico cur; + image/x-jng jng; + +# JavaScript + application/javascript js; + application/json json; + +# Manifest files + application/x-web-app-manifest+json webapp; + text/cache-manifest manifest appcache; + +# Microsoft Office + application/msword doc; + application/vnd.ms-excel xls; + application/vnd.ms-powerpoint ppt; + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + +# Video + video/3gpp 3gpp 3gp; + video/mp4 mp4 m4v f4v f4p; + video/mpeg mpeg mpg; + video/ogg ogv; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; + +# Web feeds + application/xml atom rdf rss xml; + +# Web fonts + application/font-woff woff; + application/font-woff2 woff2; + application/vnd.ms-fontobject eot; + application/x-font-ttf ttc ttf; + font/opentype otf; + image/svg+xml svg svgz; + +# Other + application/java-archive jar war ear; + application/mac-binhex40 hqx; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.wap.wmlc wmlc; + application/xhtml+xml xhtml; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/x-7z-compressed 7z; + application/x-chrome-extension crx; + application/x-opera-extension oex; + application/x-xpinstall xpi; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-bittorrent torrent; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + application/octet-stream safariextz; + + text/css css; + text/html html htm shtml; + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/vtt vtt; + text/x-component htc; + text/x-vcard vcf; + +} diff --git a/telize/nginx.conf b/telize/nginx.conf new file mode 100644 index 0000000..d7a7a6b --- /dev/null +++ b/telize/nginx.conf @@ -0,0 +1,109 @@ +user www-data; + +worker_processes 2; +worker_rlimit_nofile 8192; + +pid /run/nginx.pid; + +events { + worker_connections 8000; + # multi_accept on; +} + +http { + server_tokens off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Update charset_types due to updated mime.types + charset_types text/xml text/plain text/vnd.wap.wml application/x-javascript application/rss+xml text/css application/javascript application/json; + + # Format to use in log files + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log main; + error_log /var/log/nginx/error.log warn; + + # How long to allow each connection to stay idle; longer values are better + # for each individual client, particularly for SSL, but means that worker + # connections are tied up longer. (Default: 65) + keepalive_timeout 20; + + # Speed up file transfers by using sendfile() to copy directly + # between descriptors rather than using read()/write(). + sendfile on; + + # Tell Nginx not to send out partial frames; this increases throughput + # since TCP frames are filled up before being sent out. (adds TCP_CORK) + tcp_nopush on; + + + # Compression + + # Enable Gzip compressed. + gzip on; + + # Compression level (1-9). + # 5 is a perfect compromise between size and cpu usage, offering about + # 75% reduction for most ascii files (almost identical to level 9). + gzip_comp_level 5; + + # Don't compress anything that's already small and unlikely to shrink much + # if at all (the default is 20 bytes, which is bad as that usually leads to + # larger files after gzipping). + gzip_min_length 256; + + # Compress data even for clients that are connecting to us via proxies, + # identified by the "Via" header (required for CloudFront). + gzip_proxied any; + + # Tell proxies to cache both the gzipped and regular version of a resource + # whenever the client's Accept-Encoding capabilities header varies; + # Avoids the issue where a non-gzip capable client (which is extremely rare + # today) would display gibberish if their proxy gave them the gzipped version. + gzip_vary on; + + # Compress all output labeled with one of the following MIME-types. + gzip_types + application/atom+xml + application/javascript + application/json + application/rss+xml + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/svg+xml + image/x-icon + text/css + text/plain + text/x-component; + # text/html is always compressed by HttpGzipModule + + ## + # GeoIP + ## + + include /etc/nginx/timezone.conf; + include /etc/nginx/timezone-offset.conf; + + geoip_country /usr/share/GeoIP/GeoIP.dat; + geoip_city /usr/share/GeoIP/GeoLiteCity.dat; + geoip_org /usr/share/GeoIP/GeoIPASNum.dat; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; +}