
@sonnt85
Last active August 24, 2023 08:34
template for nginxgen
# One element of the Containers array: describes a single backend that nginxgen
# turns into upstream/server configuration (per the comments on Addresses and Networks).
[[Containers]]
# Networks lists the container's IP per network name (ingress, host, public).
# NOTE(review): the comment on Networks below only allows "host" or "public" -- confirm whether "ingress" is accepted.
ID = "2201" # or Name = "container's name"
State = {Running = true} # presumably default false, alternative true -- confirm
# Addresses exposed inside the container. HostPort must be configured; the entry counts as exposed when len(Addresses) != 0.
# Full form of an entry (Port is the server's port in the upstream block):
# {Proto = "tcp", IP = "", Port = "5891", HostPort = "8081", HostIP = "127.0.0.1"},
# HostIP = "127.0.0.1" in that example keeps the published port reachable from the host only, so traffic has to pass through the proxy.
Addresses = [
{Proto = "tcp", Port = "5891"}, # Port is the server's port in the upstream block; overridden by VPORT
]
Networks = [{Name = "host", IP = "172.17.0.1"}] # IP is the server's IP in the upstream block; Name must be "host" or "public"
# Per-container settings, written as environment-style key/value pairs.
# Notation used in the comments below: a value in [brackets] marks the default,
# an UPPERCASE name in [brackets] is an alternative name for the key -- presumably; confirm against nginxgen.
[Containers.env]
# All env variables are strings
# Related to authentication
# Credentials are stored here in clear text: keep real values out of version control
# and restrict read access to this file.
BASICAUTH = "" # Basic-auth users for this server, format "user1:passwd1 | user2:passwd2 | user3:passwd3"
# Related to the locations configuration
LOCATION_INCLUDE = 'location_include_path' # [VPATH_INCLUDE] full path of a file included in the main location block
# Related to the upstream configuration
DISABLEGENUPSTREAM = 'false' # Disable generating the upstream block for this vhost
UNAME = '' # [UPSTREAM_NAME] Force the upstream name (not generated automatically; the user manages this upstream)
UPSTREAMNAME = "" # Overrides UNAME
# UPSTREAMOPT, HTTPTOPT, VHOSTOPT, PROXY_EXTRA_OPTS and LOCATION_POPTS appear to be copied
# verbatim into the generated nginx configuration; only values from a trusted source should reach them -- confirm.
UPSTREAMOPT = '' # Inserted at the start of the upstream block
# Related to the http block configuration
HTTPTOPT = '' # NOTE(review): presumably extra directives added to the http block -- original wording was unclear
# Related to the server block
# NOTE(review): 'info' is not a boolean; the other DISABLE* keys use 'false'. Looks copied from ELOGLEVEL -- confirm the intended value.
DISABLEGNVHOST = 'info' # Disable generating the server block
VHOSTOPT = '' # Extra configuration added to the server block
VHOST_INCLUDE = 'vhost_include_path' # [empty] full path of a file included in the server block
# Related to the alive check
CHECKENDPOINT = '/' # Endpoint used for the alive check
CHECKINDEX = 'index.php' # Index file checked for fastcgi
CHECKINTERVAL = '2000' # Alive-check interval (presumably milliseconds -- confirm)
UPSTREAMCHECKTYPE = 'tcp' # tcp|http|websocket|ssl_hello|mysql|ajp|none
UPSTREAMCHEKFALL = '5' # Number of failed checks before the server is marked down
UPSTREAMCHEKFORONESERVER = 'true' # Also run the alive check for an upstream with only one server
UPSTREAMCHEKINTERVAL = '2000' # Alive-check interval (presumably milliseconds -- confirm)
UPSTREAMCHEKRISE = '1' # Number of successful checks before the server is marked up
UPSTREAMCHEKTIMEOUT = '5000' # Alive-check timeout (presumably milliseconds -- confirm)
# NOTE(review): the original comment listed check types (tcp|http|websocket|ssl_hello|mysql|ajp|fastcgi),
# which looks copied from UPSTREAMCHECKTYPE; the value suggests a true/false switch for sticky sessions -- confirm.
UPSTREAMENABLESTICKY = 'false'
# Related to certificates
CERNAME = '' # [CERT_NAME] Certificate name without path; the path is derived: /etc/nginx/certs/[CERT_NAME], /etc/letsencrypt/live/[CERT_NAME]/
DISABLEGENSSL = 'false' # Disable certificate generation for this vhost
DNS_PROVIER = "" # DNS provider for this vhost (original comment: Default_dns_provider). Key spelling kept as in the template.
DOMAIN_CHECK_SSL = '' # [DCSSL] Domain used to check SSL for this vhost; generated automatically when empty
SSLEMAIL = '' # SSL e-mail address for this vhost
TIMEOUT_SSL_CHECK = '5s' # Timeout when checking that the certificate has been created
# Related to configuration by existing templates
ISLOCALPHP = "false" # [IS_LOCAL_PHP] If true, configure fastcgi with the php-fpm inside nginxgen (sets the fastcgi_backend variable to unix:/var/run/php-fmp.sock)
ISPHP = "false" # [IS_PHP] if VPROTO == fastcgi and ISPHP == true => include conf-http.d/php-common in the location
# NOTE(review): the condition below repeats ISPHP's and does not mention ISSPA -- confirm what this flag actually gates.
ISSPA = "false" # [IS_SINGLE_PAGE_APP] if VPROTO == fastcgi and ISPHP == true => use php config
ODOO_VERSION = "" # Set when the backend is Odoo
VROOT = "/var/www/html" # [VIRTUAL_ROOT] Used by ISLOCALPHP, ISSPA, ISPHP
# Related to security
EWAF = "false" # Enable or disable the ModSecurity WAF (off in this template)
# 31536000 seconds is 365 days. The value carries no includeSubDomains or preload token;
# add them here if the policy should cover subdomains.
HSTS = 'max-age=31536000' # HSTS configuration
IFRAMEVALUE = 'SAMEORIGIN' # iframe value: SAMEORIGIN or DENY (presumably sent as X-Frame-Options -- confirm)
NETWORK_ACCESS = 'external' # [NACCESS] [external], internal
SERVERNAME = '' # Replace the server name (avoids disclosing the real nginx server name)
SERVER_TOKENS = "off" # [STOKENS] nginx server_tokens setting
# Judging by their names, Mozilla-Old and AWS-TLS-1-1-2017-01 are legacy-compatibility profiles;
# pick them only when old clients must be supported.
SSL_POLICY = '' # [SSL_POLICY, SPOLICY] [Mozilla-Intermediate], Mozilla-Modern, Mozilla-Old, AWS-TLS-1-2-2017-01, AWS-TLS-1-1-2017-01
# NOTE(review): when nginxgen sits behind a load balancer or another proxy (see HTTPS_PUBLIC_PORT),
# confirm which client address these lists are matched against.
WHITELISIPS = '' # IPs allowed access; any other address gets 403 [ip1,ip2..ipn]
BLACKLISIPS = '' # IPs denied access; their requests get 403 [ip1,ip2..ipn]
# Related to statistics
STATICS_FILE = '' # Full path of the stats backup file; by default stats are not saved to a file
# Clear-text credential. NOTE(review): confirm whether an empty value leaves the status page without authentication.
STATUSAUTH = "" # Basic-auth credential for the status page, format user:passwd
# Related to domain name
# Related to log
EALOG = 'true' # [ENABLE_ACCESS_LOG] enable or disable the access log
ELOGLEVEL = 'info' # emerg < alert < crit < error < warn < notice < info < debug
# Server address configuration
HTTPS_PORT = "9443" # [HTTPSPORT]
HTTPS_PUBLIC_PORT = "" # [HTTPSPUBLICPORT] Port actually reached from the internet (the server may sit behind a load balancer or reverse proxy)
SERVER_ADDRESS = '' # Server address; overrides the automatically detected address
SERVER_PORT = '' # Server port; overrides the automatically detected port
VPORT = '5891' # Takes priority over Addresses.Port
# Other
DISABLE_PROXY_HEADER_HOST = 'false' # [DPHVHOST] Enable or disable [proxy_set_header Host $proxy_x_forwarded_host]; default is false
# NOTE(review): the list marks noredirect as the default while the template sets 'redirect'.
# nohttps, by its name, leaves the vhost served over plain HTTP only.
HTTPS_METHOD = 'redirect' # [noredirect], redirect, nohttps, nohttp, "" (http and auto https)
ISVHOSTLOOPBACK = 'false' # Adds localhost for this vhost (UNAME); no SSL vhost is created
# main location
LOCATION = '/' # [VPATH, VIRTUAL_PATH] location value
PROXY_EXTRA_OPTS = '' # [VDEST, PROXY_EXTRA_OPTS, PEO, VIRTUAL_DEST] Inserted right after proxy_pass of LOCATION; syntax "UN:upstreamname, opts" or "opts"
# end of the main location
# Several LOCATION / PROXY_EXTRA_OPTS pairs in one value:
# '/location1|location2,proxy_extra_opt2[,moreconfig2]|...|/locationn,proxy_extra_optn[,moreconfign]|/path3,UN:upstreamname[,dest3]'
# UN:upstreamname overrides UPSTREAMNAME; moreconfig is inserted right below the location block.
LOCATION_POPTS = '' # [VPATHDESTS]
# NOTE(review): if the "~" entry is handed to nginx as a regex server_name, its unescaped dots match
# any character and the pattern is unanchored, so it accepts more host names than the one shown;
# escape the dots and anchor the pattern for real domains.
VHOST = 'subdomain.domaintoml.com,~.*sub2.sub1.domaintoml.com' # If VHOST=defaultvhost, this domain is the default server
VPROTO = 'http' # [VIRTUAL_PROTO, VPROTO] connect, http, uwsgi, fastcgi, https, none (default http)
VSTREAM = '' # [VIRTUAL_STREAM] Like VHOST, but for stream
# The keys below configure the container running nginxgen itself. They may be set as that container's env
# or as JSON key/value pairs in /etc/nginxgen/watchroot/env.jenv.
# Usually they are the default values applied to events from containers.
# NOTE(review): this section is still inside [Containers.env] and repeats keys defined earlier in the table
# (DISABLEGENSSL, ELOGLEVEL, EWAF, HTTPS_METHOD, TIMEOUT_SSL_CHECK, UPSTREAMCHECKTYPE, UPSTREAMCHEKFALL,
# UPSTREAMCHEKFORONESERVER, UPSTREAMCHEKINTERVAL, UPSTREAMCHEKRISE, UPSTREAMCHEKTIMEOUT, WHITELISIPS, BLACKLISIPS).
# TOML does not allow a key to be defined twice in one table, so a strict parser rejects the file as written;
# treat this part as reference and remove or comment it out before using the template.
# API secret: supply it through the container env or a secrets store rather than a shared file,
# and scope the token to DNS edits on the zones that need certificates.
CLOUDFLARE_DNS_API_TOKEN = "" # CLOUDFLARE_API_KEY
DEFAULT_DNS_PROVIDER = "" # [DDP] cloudflare when CLOUDFLARE_API_KEY is enabled
DEFAULT_HOST = "defaultvhost" # DHOST
DISABLEGENSSL = "false"
DISABLE_PROXY_PROTOCOL = "false"
ELOGLEVEL = ""
EWAF = "false" # Enable or disable the ModSecurity WAF
HTTPS_METHOD = "redirect" # [HMDEFAULT]
STREAM_PORT = "443" # SPORT
TIMEOUT_SSL_CHECK = "5s"
UPSTREAMCHECKTYPE = "http"
UPSTREAMCHEKFALL = "5"
UPSTREAMCHEKFORONESERVER = "true"
UPSTREAMCHEKINTERVAL = "2000"
UPSTREAMCHEKRISE = "1"
UPSTREAMCHEKTIMEOUT = "5000"
# Related to the default server
# NOTE(review): confirm whether WebDAV is served without authentication when DAVDIR is set and DAVAUTH is empty.
DAVAUTH = "" # Basic-auth credential for WebDAV, used when DAVDIR is not empty; format user:password (clear text)
DAVDIR = "" # Enable WebDAV for the directory DAVDIR
WHITELISIPS = '' # IPs allowed access on all servers; any other address gets 403 [ip1,ip2..ipn]
BLACKLISIPS = '' # IPs denied access on all servers; their requests get 403 [ip1,ip2..ipn]