-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2839bbe
commit 8899617
Showing
3 changed files
with
113 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| # SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL <[email protected]> | ||
| # | ||
| # SPDX-License-Identifier: CC0-1.0 | ||
|
|
||
| FROM jonasal/nginx-certbot | ||
|
|
||
| RUN mkdir /etc/nginx/enabled-reverse-proxies | ||
| RUN mkdir /scripts-ot | ||
|
|
||
| ADD nginx/reverse-proxy.* /etc/nginx/disabled-reverse-proxies/ | ||
|
|
||
| ADD nginx/orthanc-nginx-https-certbot.conf /etc/nginx/user_conf.d/ | ||
|
|
||
| COPY nginx/copy-conf-files.sh /scripts-ot/ | ||
|
|
||
| RUN ls -al /etc/nginx/disabled-reverse-proxies/ | ||
|
|
||
| CMD ["/bin/bash", "-c", "/scripts-ot/copy-conf-files.sh && /scripts/start_nginx_certbot.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| #!/bin/bash | ||
|
|
||
| # SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL <[email protected]> | ||
| # | ||
| # SPDX-License-Identifier: CC0-1.0 | ||
|
|
||
| # set -o xtrace | ||
| set -o errexit | ||
|
|
||
| enableOrthanc="${ENABLE_ORTHANC:-false}" | ||
| enableOrthancForApi="${ENABLE_ORTHANC_FOR_API:-false}" | ||
| enableOrthancForShares="${ENABLE_ORTHANC_FOR_SHARES:-false}" | ||
| enableKeycloak="${ENABLE_KEYCLOAK:-false}" | ||
| enableOrthancTokenService="${ENABLE_ORTHANC_TOKEN_SERVICE:-false}" | ||
| enableOhif="${ENABLE_OHIF:-false}" | ||
| enableMedDream="${ENABLE_MEDDREAM:-false}" | ||
|
|
||
| ls -al /etc/nginx/disabled-reverse-proxies/ | ||
|
|
||
| if [[ $enableOrthanc == "true" ]]; then | ||
| echo "ENABLE_ORTHANC is true -> enable /orthanc/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.orthanc.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableOrthancForApi == "true" ]]; then | ||
| echo "ENABLE_ORTHANC_FOR_API is true -> enable /orthanc-api/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.orthanc-api.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableOrthancForShares == "true" ]]; then | ||
| echo "ENABLE_ORTHANC_FOR_SHARES is true -> enable /shares/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.shares.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableKeycloak == "true" ]]; then | ||
| echo "ENABLE_KEYCLOAK is true -> enable /keycloak/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.keycloak-https.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableOrthancTokenService == "true" ]]; then | ||
| echo "ENABLE_ORTHANC_TOKEN_SERVICE is true -> enable /token-service/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.token-service.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableMedDream == "true" ]]; then | ||
| echo "ENABLE_MEDDREAM is true -> enable /meddream/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.meddream.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi | ||
|
|
||
| if [[ $enableOhif == "true" ]]; then | ||
| echo "ENABLE_OHIF is true -> enable /ohif/ reverse proxy" | ||
| cp -f /etc/nginx/disabled-reverse-proxies/reverse-proxy.ohif.conf /etc/nginx/enabled-reverse-proxies/ | ||
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| # SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL <[email protected]> | ||
| # | ||
| # SPDX-License-Identifier: CC0-1.0 | ||
|
|
||
| server { | ||
|
|
||
| listen 443 ssl; | ||
|
|
||
| server_name orthanc-con-2023.orthanc.team; | ||
|
|
||
| # Load the certificate files. | ||
| ssl_certificate /etc/letsencrypt/live/orthanc-con-2023.orthanc.team/fullchain.pem; | ||
| ssl_certificate_key /etc/letsencrypt/live/orthanc-con-2023.orthanc.team/privkey.pem; | ||
| ssl_trusted_certificate /etc/letsencrypt/live/orthanc-con-2023.orthanc.team/chain.pem; | ||
|
|
||
|
|
||
| # To avoid 504 error | ||
| proxy_read_timeout 120s; | ||
|
|
||
| # To avoid "too big header... / 502 Bad Gateway" error (inspired from https://www.getpagespeed.com/server-setup/nginx/tuning-proxy_buffer_size-in-nginx) | ||
| proxy_buffer_size 32k; | ||
| proxy_buffers 64 8k; | ||
| proxy_busy_buffers_size 48k; | ||
|
|
||
| # To avoid "414 Request-URI Too Large" whant opening 15(!) studies in OHIF | ||
| large_client_header_buffers 8 16k; | ||
|
|
||
| # include all reverse proxies that have been enabled through env var (check docker-entrypoint.sh) | ||
| include /etc/nginx/enabled-reverse-proxies/*.conf; | ||
| } | ||
|
|
||
| server { | ||
|
|
||
| listen 80 default_server; | ||
|
|
||
|
|
||
| server_name orthanc-con-2023.orthanc.team; | ||
|
|
||
|
|
||
| return 301 https://$host$request_uri; | ||
|
|
||
| } |