mirror of
https://github.com/Ahwxorg/Binternet.git
synced 2026-03-11 08:54:37 +00:00
update alpine, php, instance list; add nginx security headers
This commit is contained in:
parent
a01f9e3617
commit
758a7668a7
3 changed files with 27 additions and 24 deletions
22
Dockerfile
22
Dockerfile
|
|
@ -1,22 +1,22 @@
|
|||
FROM alpine:3.20
|
||||
FROM alpine:3.21
|
||||
|
||||
RUN apk add php83 php83-fpm php83-dom php83-curl php83-json php83-openssl nginx --no-cache
|
||||
RUN apk add php84 php84-fpm php84-dom php84-curl php84-openssl nginx --no-cache
|
||||
RUN sed -i '/user nginx;/d' /etc/nginx/nginx.conf \
|
||||
&& sed -i 's/^user = nobody/; user = nobody/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/^group = nobody/; group = nobody/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/listen = 127.0.0.1:9000/listen = \/run\/php\/php-fpm83.sock/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.owner = nobody/listen.owner = nginx/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.group = nobody/listen.group = nginx/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.mode/listen.mode/' /etc/php83/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.allowed_clients/listen.allowed_clients/' /etc/php83/php-fpm.d/www.conf
|
||||
&& sed -i 's/^; user = nobody/user = nobody/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/^; group = nobody/group = nobody/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/listen = 127.0.0.1:9000/listen = \/run\/php\/php-fpm84.sock/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.owner = nobody/listen.owner = nginx/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.group = nobody/listen.group = nginx/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.mode/listen.mode/' /etc/php84/php-fpm.d/www.conf \
|
||||
&& sed -i 's/;listen.allowed_clients/listen.allowed_clients/' /etc/php84/php-fpm.d/www.conf
|
||||
|
||||
RUN mkdir -p /var/www/binternet /run/php
|
||||
COPY . /var/www/binternet
|
||||
COPY nginx.conf /etc/nginx/http.d/binternet.conf
|
||||
RUN rm /var/www/binternet/nginx.conf /etc/nginx/http.d/default.conf \
|
||||
&& chown -R nginx:nginx /var/log/php83/ /run
|
||||
&& chown -R nginx:nginx /var/log/php84/ /run
|
||||
|
||||
USER nginx
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["/bin/sh", "-c" , "/usr/sbin/php-fpm83 -D && /usr/sbin/nginx -c /etc/nginx/nginx.conf -g 'daemon off;'"]
|
||||
ENTRYPOINT ["/bin/sh", "-c" , "/usr/sbin/php-fpm84 -D && /usr/sbin/nginx -c /etc/nginx/nginx.conf -g 'daemon off;'"]
|
||||
HEALTHCHECK --timeout=5s CMD wget --no-verbose --tries=1 --spider 127.0.0.1:8080 || exit 1
|
||||
|
|
|
|||
22
README.md
22
README.md
|
|
@ -33,18 +33,16 @@
|
|||
|
||||
| Clearnet | TOR | I2P | Country |
|
||||
|-|-|-|-|
|
||||
| [binternet.ahwx.org](https://binternet.ahwx.org) | no | no | 🇳🇱 NL (Official Instance) |
|
||||
| no clearnet address | [yes!](http://binternet.skunky7dhv7nohsoalpwe3sxfz3fbkad7r3wk632riye25vqm3meqead.onion) | [yes!](http://5cv2aw6jhe6la444vpn3jvo46442ls3ccgp3difx5ddlv5yf4hlq.b32.i2p) | 🇷🇺 RU |
|
||||
| [bn.bloat.cat](https://bn.bloat.cat) | no | no | 🇩🇪 DE |
|
||||
| [bn.opnxng.com](https://bn.opnxng.com) | no | no | 🇸🇬 SG |
|
||||
| [binternet.ducks.party](https://binternet.ducks.party) | no | no | 🇳🇱 NL |
|
||||
| [binternet.4o1x5.dev](https://binternet.4o1x5.dev) | no | no | 🇭🇺 HU |
|
||||
| [binternet.darkness.services](https://binternet.darkness.services) | [yes!](http://binternet.darknessrdor43qkl2ngwitj72zdavfz2cead4t5ed72bybgauww5lyd.onion/) | no | 🇺🇸 US |
|
||||
| [binternet.privacyredirect.com](https://binternet.privacyredirect.com) | no | no | 🇫🇮 FI |
|
||||
| [binternet.lunar.icu](https://binternet.lunar.icu) | no | no | 🇩🇪 DE |
|
||||
| [binternet.bunk.lol](https://binternet.bunk.lol) | no | no | 🇮🇸 IS |
|
||||
| [pin.blitzw.in](https://pin.blitzw.in) | no | no | 🇩🇰 DK |
|
||||
| [binternet.canine.tools](https://binternet.canine.tools) | no | no | 🇺🇸 US |
|
||||
| [binternet.revvy.de](https://binternet.revvy.de/) | [yes!](http://binternet.revvybrr6pvbx4n3j4475h4ghw4elqr4t5xo2vtd3gfpu2nrsnhh57id.onion/) | [yes!](http://revznkqdwy7nmlzql66x226g3qnapiooss3rg2uajbj4rypxjnba.b32.i2p/) | 🇫🇮 FI |
|
||||
| [binternet.darkness.services](https://binternet.darkness.services/) | [yes!](http://binternet.darknessrdor43qkl2ngwitj72zdavfz2cead4t5ed72bybgauww5lyd.onion/) | no | 🇺🇸 US |
|
||||
| [bn.bloat.cat](https://bn.bloat.cat/) | no | no | 🇩🇪 DE |
|
||||
| [bn.opnxng.com](https://bn.opnxng.com/) | no | no | 🇸🇬 SG |
|
||||
| [binternet.ducks.party](https://binternet.ducks.party/) | no | no | 🇳🇱 NL |
|
||||
| [binternet.4o1x5.dev](https://binternet.4o1x5.dev/) | no | no | 🇭🇺 HU |
|
||||
| [binternet.privacyredirect.com](https://binternet.privacyredirect.com/) | no | no | 🇫🇮 FI |
|
||||
| [binternet.lunar.icu](https://binternet.lunar.icu/) | no | no | 🇩🇪 DE |
|
||||
| [pin.blitzw.in](https://pin.blitzw.in/) | no | no | 🇩🇰 DK |
|
||||
| [binternet.canine.tools](https://binternet.canine.tools/) | no | no | 🇺🇸 US |
|
||||
<br>
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,9 @@
|
|||
server {
|
||||
add_header Content-Security-Policy "default-src 'none'; style-src 'self'; img-src 'self'";
|
||||
add_header X-Frame-Options "DENY" always;
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), browsing-topics=(), camera=(), compute-pressure=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), indentity-credentials-get=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-create=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), speaker-selection=(), storage-access=(), usb=(), web-share=(), window-management=(), xr-spatial-tracking=()";
|
||||
|
||||
listen 8080 default_server;
|
||||
server_name _;
|
||||
|
||||
|
|
@ -6,7 +11,7 @@ server {
|
|||
index index.php;
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/run/php/php-fpm83.sock;
|
||||
fastcgi_pass unix:/run/php/php-fpm84.sock;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
|
|
|
|||
Loading…
Reference in a new issue