Add HTTPS reverse proxy with self-signed 100-year cert

- Nginx reverse proxy with WebUI and REST API for configuration - Self-signed SSL certificate with own CA (100 years validity) - Domain-based and IP/port-based routing - Docker setup with host network mode - All settings configurable via .env Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 15:32:00 +02:00
parent 3d35e1ab92
commit 411a8b8ddb
9 changed files with 936 additions and 0 deletions
@@ -0,0 +1,24 @@
+FROM nginx:alpine
+
+# Install Python, pip, openssl
+RUN apk add --no-cache python3 py3-pip openssl bash \
+    && python3 -m venv /opt/venv
+
+ENV PATH="/opt/venv/bin:$PATH"
+
+# Install Python dependencies
+COPY app/requirements.txt /app/requirements.txt
+RUN pip install --no-cache-dir -r /app/requirements.txt
+
+# Copy application files
+COPY app/ /app/
+COPY nginx/nginx.conf /etc/nginx/nginx.conf.template
+COPY nginx/entrypoint.sh /entrypoint.sh
+COPY certs/generate-certs.sh /certs/generate-certs.sh
+
+RUN chmod +x /entrypoint.sh /certs/generate-certs.sh \
+    && mkdir -p /data /etc/nginx/conf.d
+
+# No EXPOSE needed - running in host network mode
+
+ENTRYPOINT ["/entrypoint.sh"]