neoris/openvidu-2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,994 Commits 9 Branches 64 Tags
Commit Graph

61 Commits

Author SHA1 Message Date
cruizba
94bb69c418 deployment: Do not use IP level deny for virtual background 2023-03-21 11:30:35 +01:00
pabloFuente
ffb2a1590c Update Docker image base versions of nginx and coturn 2023-03-01 14:05:21 +01:00
pabloFuente
f48e1f805f Add /bin/bash to create_image.sh script 2023-02-28 16:34:03 +01:00
pabloFuente
9a3b7d5ae7 Add /bin/bash to create_image.sh script 2023-02-28 16:32:44 +01:00
cruizba
0919f04fa4 deployment: Update nginx version and bump deployment versions 2022-11-10 14:44:33 +01:00
cruizba
b93b8dd85e deployment: Nginx security improvements: 
- Disable TLSv1.0 and TLSv1.1 by default.
- Use intermediate SSL ciphers following mozilla SSL generator: https://ssl-config.mozilla.org/#server=nginx&version=1.23.1&config=intermediate&openssl=1.1.1&guideline=5.6
- Enable HSTS by default
 2022-11-10 14:43:03 +01:00
cruizba
154cdc2db6 deployment: Update nginx version to 1.23.1 2022-09-21 15:18:56 +02:00
cruizba
ca08e16ac4 deployment: Deprecate old API by default. 2022-09-14 12:04:57 +02:00
Carlos Ruiz Ballesteros
5d354f1f0e
Update new_api_pro.conf 2022-04-28 11:47:15 +02:00
cruizba
b1a44b0f3a deployment: Update base images of openvidu-server, openvidu-server-pro and nginx 2022-04-21 19:46:10 +02:00
cruizba
edfbe3104e deployment: fix nginx main process. Update nginx version 2021-12-16 17:27:32 +01:00
cruizba
110878f4c9 deployment: Add volume to configure custom locations in nginx. This is useful to add reverse proxy or other services to the nginx configuration to default HTTPS_PORT configured 2021-09-30 16:33:08 +02:00
cruizba
f1bb937c60 deployment: Add rule to allow iframe 2021-06-07 10:58:42 +02:00
cruizba
f0705c9cce ci: Improve docker build commands for better consistency 2021-05-12 12:24:18 +02:00
cruizba
19b010a49c deployment: Add rules_access_dashboard to new rules 2021-05-11 14:51:12 +02:00
cruizba
fc51f2f272 Update nginx to 1.20.0 2021-05-11 14:42:21 +02:00
cruizba
7a4435dd51 deployment: Minor fix to elasticsearch redirections 2021-05-11 14:42:04 +02:00
cruizba
c1984b5071 deployment: Export elasticsearch at /openvidu/elasticsearch 2021-03-01 16:03:39 +01:00
cruizba
ff35adf607 deployment: Typo nginx 2021-02-05 11:33:39 +01:00
cruizba
d8beb2147d openvidu-deployment: Parametrize and increased default 'client_max_body_size' to 200M in openvidu-ce and openvidu-pro nginx 2021-02-04 20:57:01 +01:00
Flamenco
018145c90a
Fix typo in output message 2020-12-29 10:19:40 -05:00
cruizba
6f4b701094 openvidu-deployment: Typo delete https listen directive 2020-11-25 12:34:31 +01:00
cruizba
87b5b6ed88 openvidu-deployment: Fix Special characters on delete nginx listen directive 2020-11-25 12:33:35 +01:00
cruizba
9cfd38e892 openvidu-deployment: Support machines with dual stack IPv4/IPv6 in nginx 2020-11-25 12:07:33 +01:00
Carlos Ruiz Ballesteros
56cbef5cc7
Merge pull request #560 from robert-scheck/tls-hardening 
openvidu-proxy: Make TLS version, ciphers and HSTS configurable
 2020-11-23 21:36:13 +01:00
Carlos Ruiz Ballesteros
ed2096c18e
Merge pull request #562 from robert-scheck/nginx-version 
openvidu-proxy: Disable Nginx version information
 2020-11-23 21:32:53 +01:00
Robert Scheck
b35d210466 openvidu-proxy: Disable Nginx version information 
It is a good practice for server hardening to not display any server
component version information, thus this should be disabled for Nginx.
 2020-11-19 11:28:09 +01:00
Robert Scheck
fc92eb7cb4 openvidu-proxy: Make TLS version, ciphers and HSTS configurable 
Allow flexible HTTPS security hardening using run-time configuration,
rather just build-time container/volume layering.
 2020-11-18 22:07:28 +01:00
Robert Scheck
3d0ab7c92e IPv6 listening (RFC 6540) 
Ensure that Nginx listens also additionally on the IPv6 socket if the
operating system inside the container provides IPv6 support. And as per
RFC 6540, IP nowadays means IPv4 and IPv6, not just IPv4-only.
 2020-11-18 19:36:20 +01:00
cruizba
43c5c4b4a5 openvidu-deployment: Print if nginx is using deprecated API 2020-11-09 18:04:41 +01:00
cruizba
0c38d4d9b8 Custom volume to customize nginx 2020-11-09 16:29:35 +01:00
cruizba
d499940495 openvidu-deployment: custom config nginx 2020-11-09 15:33:06 +01:00
cruizba
2113a255e0 openvidu-deployment: Rename default.conf nginx 2020-11-09 15:21:00 +01:00
cruizba
d61c6b89c7 Revert nginx 2020-11-09 15:20:04 +01:00
cruizba
39be78b4e5 openvidu-deployment: Some minor fixes nginx and update versions docker-compose 2020-11-09 14:18:40 +01:00
cruizba
6a73083e7b openvidu-deployment: General updates in nginx and public ip discovering: 
- Add option to redirect www to non-www (REDIRECT_WWW).
- Add endpoint to check nginx workers.
- Custom virtual hosts (Server blocks) can be added by the user to create custom rules in `/opt/openvidu/custom-nginx-vhost`.
- Parametrize `worker_connections` in nginx.conf (WORKER_CONNECTIONS)
- Improve `discover_my_public_ip.sh` to use dns servers instead of http servers
- Posibility to autodiscover ipv6 if available by using `PUBLIC_IP=auto-ipv6` in nginx, `TURN_PUBLIC_IP=auto-ipv6` in coturn and `COTURN_IP=auto-ipv6` in openvidu-server.
By default ipv4 is used.
 2020-11-02 19:46:59 +01:00
cruizba
44bb958da3 deployment: nginx refactor 2020-11-01 21:03:12 +01:00
cruizba
afc6f52f91 deployment-openvidu-ce-and-pro: Add TLSv1.3 and some ssl_chiphers recommended for browsers compatibility: https://ssl-config.mozilla.org/\#server\=nginx\&version\=1.17.7\&config\=intermediate\&openssl\=1.1.1d\&guideline\=5.6 2020-10-15 14:47:53 +02:00
cruizba
f73bafdd7a Safely remove certificates folder 2020-10-15 13:35:15 +02:00
cruizba
bf6defc4de deployment-openvidu-ce-and-pro: Fix nginx error on changing certificate types 2020-10-15 02:23:43 +02:00
cruizba
4eded98ad9 deployment-openvidu-ce: Update nginx to new API rules and use deprecated APIs. 2020-10-14 14:34:21 +02:00
cruizba
df92cca9de Deployment: External and secure Kibana and Elasticsearch in can be configured in OpenVidu Pro Node 2020-09-22 18:19:51 +02:00
OscarSotoSanchez
3b5668d828 Proxy updated for auto renew letscrypt certificated 2020-06-29 16:37:26 +02:00
cruizba
499bd8afc5 Parametrized create_image.sh scripts for CI 2020-06-23 12:11:54 +02:00
OscarSotoSanchez
4eeed8fefd default proxy in specific port 2020-05-08 16:45:11 +02:00
OscarSotoSanchez
f5cfa00871 remove discover_my_public_ip.sh after compile docker image 2020-05-08 14:20:30 +02:00
OscarSotoSanchez
2794372f16 fixed check email in LetsEncrypt mode 2020-05-08 14:15:13 +02:00
OscarSotoSanchez
b463dea010 updated docker-compose 2.14.0-beta1 2020-05-08 12:25:03 +02:00
OscarSotoSanchez
a4d81bdc80 copy discover_my_public_ip.sh when create image 2020-05-08 12:03:34 +02:00
pabloFuente
3bebe99ee5 Docker build: single discover_my_public_ip.sh script 2020-05-05 18:30:38 +02:00