feat: complete nginx migration from caddy

- Replace Caddy reverse proxy with Nginx (nginx:alpine) - Add nginx.conf with HTTP/HTTPS, gzip, and proxy settings - Add nginx-custom-domains.conf template for custom domains - Update docker-compose.yml to use Nginx service - Add ProxyFix middleware to Flask app for proper header handling - Create nginx_config_reader.py utility to read Nginx configuration - Update admin blueprint to display Nginx status in https_config page - Add Nginx configuration display to https_config.html template - Generate self-signed SSL certificates for localhost - Add utility scripts: generate_nginx_certs.sh - Add documentation: NGINX_SETUP_QUICK.md, PROXY_FIX_SETUP.md - All containers now running, HTTPS working, HTTP redirects to HTTPS - Session cookies marked as Secure - Security headers properly configured
2026-01-15 22:15:11 +02:00
parent 2ea24a98cd
commit 21eb63659a
11 changed files with 587 additions and 10 deletions
--- a/nginx-custom-domains.conf
+++ b/nginx-custom-domains.conf
@@ -0,0 +1,21 @@
+# Nginx configuration for custom HTTPS domains
+# This file will be dynamically generated based on HTTPSConfig database entries
+# Include this in your nginx.conf with: include /etc/nginx/conf.d/custom-domains.conf;
+
+# Example entry for custom domain:
+# server {
+#     listen 443 ssl http2;
+#     listen [::]:443 ssl http2;
+#     server_name digiserver.example.com;
+#
+#     ssl_certificate /etc/nginx/ssl/custom/cert.pem;
+#     ssl_certificate_key /etc/nginx/ssl/custom/key.pem;
+#
+#     location / {
+#         proxy_pass http://digiserver_app;
+#         proxy_set_header Host $host;
+#         proxy_set_header X-Real-IP $remote_addr;
+#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#         proxy_set_header X-Forwarded-Proto $scheme;
+#     }
+# }