From cb7e08e717ea24038fca5502fa6e062aef2aed6d Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@diphost.ru>
Date: Tue, 30 Aug 2016 20:09:09 +0300
Subject: [PATCH 1/8] Remove beget/sprutio-nginx, add official nginx with
 custom config and cers

---
 app/init-ssl.sh                |  2 +-
 docker-compose.dev.yml         |  2 +-
 docker-compose.yml             |  6 +--
 nginx/mime.types               | 89 ++++++++++++++++++++++++++++++++++
 nginx.conf => nginx/nginx.conf |  4 +-
 5 files changed, 96 insertions(+), 7 deletions(-)
 create mode 100644 nginx/mime.types
 rename nginx.conf => nginx/nginx.conf (95%)

diff --git a/app/init-ssl.sh b/app/init-ssl.sh
index 83da7ae..af85b28 100755
--- a/app/init-ssl.sh
+++ b/app/init-ssl.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/with-contenv bash
 set -e
 
-cd /app/ssl
+cd /app/nginx/certs
 
 if [ -s sprutio.key -a -s sprutio.crt ]; then
     exit 0
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
index 89ff414..98eb671 100644
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -13,7 +13,7 @@ nginx:
   volumes_from:
     - cron
   volumes:
-    - "./nginx.conf:/etc/nginx/nginx.conf:ro"
+    - "./nginx:/etc/nginx:ro"
     - "./app/public:/app/public:ro"
 
 cron:
diff --git a/docker-compose.yml b/docker-compose.yml
index 6ff67f5..e76a525 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,7 +6,7 @@ app:
   volumes_from:
     - frontend
   volumes:
-    - "./ssl:/app/ssl:rw"
+    - "./nginx/certs:/app/nginx/certs:rw"
     - "./logs:/var/log/fm:rw"
   env_file:
     - "./app.env"
@@ -25,14 +25,14 @@ rpc:
     - "./rpc.env"
 
 nginx:
-  image: beget/sprutio-nginx
+  image: nginx:1.9
   links:
     - app:fm-app
   volumes_from:
     - cron
     - frontend
   volumes:
-    - "./ssl:/app/ssl:ro"
+    - "./nginx:/etc/nginx:ro"
     - "./logs:/var/log/nginx:rw"
   ports:
     - "127.0.0.1:9080:80"
diff --git a/nginx/mime.types b/nginx/mime.types
new file mode 100644
index 0000000..89be9a4
--- /dev/null
+++ b/nginx/mime.types
@@ -0,0 +1,89 @@
+
+types {
+    text/html                             html htm shtml;
+    text/css                              css;
+    text/xml                              xml;
+    image/gif                             gif;
+    image/jpeg                            jpeg jpg;
+    application/javascript                js;
+    application/atom+xml                  atom;
+    application/rss+xml                   rss;
+
+    text/mathml                           mml;
+    text/plain                            txt;
+    text/vnd.sun.j2me.app-descriptor      jad;
+    text/vnd.wap.wml                      wml;
+    text/x-component                      htc;
+
+    image/png                             png;
+    image/tiff                            tif tiff;
+    image/vnd.wap.wbmp                    wbmp;
+    image/x-icon                          ico;
+    image/x-jng                           jng;
+    image/x-ms-bmp                        bmp;
+    image/svg+xml                         svg svgz;
+    image/webp                            webp;
+
+    application/font-woff                 woff;
+    application/java-archive              jar war ear;
+    application/json                      json;
+    application/mac-binhex40              hqx;
+    application/msword                    doc;
+    application/pdf                       pdf;
+    application/postscript                ps eps ai;
+    application/rtf                       rtf;
+    application/vnd.apple.mpegurl         m3u8;
+    application/vnd.ms-excel              xls;
+    application/vnd.ms-fontobject         eot;
+    application/vnd.ms-powerpoint         ppt;
+    application/vnd.wap.wmlc              wmlc;
+    application/vnd.google-earth.kml+xml  kml;
+    application/vnd.google-earth.kmz      kmz;
+    application/x-7z-compressed           7z;
+    application/x-cocoa                   cco;
+    application/x-java-archive-diff       jardiff;
+    application/x-java-jnlp-file          jnlp;
+    application/x-makeself                run;
+    application/x-perl                    pl pm;
+    application/x-pilot                   prc pdb;
+    application/x-rar-compressed          rar;
+    application/x-redhat-package-manager  rpm;
+    application/x-sea                     sea;
+    application/x-shockwave-flash         swf;
+    application/x-stuffit                 sit;
+    application/x-tcl                     tcl tk;
+    application/x-x509-ca-cert            der pem crt;
+    application/x-xpinstall               xpi;
+    application/xhtml+xml                 xhtml;
+    application/xspf+xml                  xspf;
+    application/zip                       zip;
+
+    application/octet-stream              bin exe dll;
+    application/octet-stream              deb;
+    application/octet-stream              dmg;
+    application/octet-stream              iso img;
+    application/octet-stream              msi msp msm;
+
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
+
+    audio/midi                            mid midi kar;
+    audio/mpeg                            mp3;
+    audio/ogg                             ogg;
+    audio/x-m4a                           m4a;
+    audio/x-realaudio                     ra;
+
+    video/3gpp                            3gpp 3gp;
+    video/mp2t                            ts;
+    video/mp4                             mp4;
+    video/mpeg                            mpeg mpg;
+    video/quicktime                       mov;
+    video/webm                            webm;
+    video/x-flv                           flv;
+    video/x-m4v                           m4v;
+    video/x-mng                           mng;
+    video/x-ms-asf                        asx asf;
+    video/x-ms-wmv                        wmv;
+    video/x-msvideo                       avi;
+}
diff --git a/nginx.conf b/nginx/nginx.conf
similarity index 95%
rename from nginx.conf
rename to nginx/nginx.conf
index 8020443..72b7869 100644
--- a/nginx.conf
+++ b/nginx/nginx.conf
@@ -25,8 +25,8 @@ http {
         listen 80 default_server;
         listen 443 default_server ssl;
 
-        ssl_certificate /app/ssl/sprutio.crt;
-        ssl_certificate_key /app/ssl/sprutio.key;
+        ssl_certificate /etc/nginx/certs/sprutio.crt;
+        ssl_certificate_key /etc/nginx/certs/sprutio.key;
 
         # Allow file uploads
         client_max_body_size 2048M;

From 486534f89aa201d42503e2cadedc18d8d2f9b3dc Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Tue, 30 Aug 2016 20:36:23 +0300
Subject: [PATCH 2/8] fix chmod sprutio.key

---
 app/init-ssl.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/init-ssl.sh b/app/init-ssl.sh
index af85b28..867aaa7 100755
--- a/app/init-ssl.sh
+++ b/app/init-ssl.sh
@@ -9,3 +9,5 @@ fi
 
 openssl req -nodes -newkey rsa:4096 -keyout sprutio.key -out sprutio.csr -subj "/C=RU/O=Beget/CN=sprut.io"
 openssl x509 -req -days 365 -in sprutio.csr -signkey sprutio.key -out sprutio.crt
+
+chmod 400 sprutio.key

From 772bffb72cc4dc665c2516896f0fae3dcba93ffb Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Tue, 30 Aug 2016 20:44:53 +0300
Subject: [PATCH 3/8] fix dir chmod

---
 app/init-ssl.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/init-ssl.sh b/app/init-ssl.sh
index 867aaa7..ef0d383 100755
--- a/app/init-ssl.sh
+++ b/app/init-ssl.sh
@@ -10,4 +10,5 @@ fi
 openssl req -nodes -newkey rsa:4096 -keyout sprutio.key -out sprutio.csr -subj "/C=RU/O=Beget/CN=sprut.io"
 openssl x509 -req -days 365 -in sprutio.csr -signkey sprutio.key -out sprutio.crt
 
+chmod 600 ../certs
 chmod 400 sprutio.key

From b784a0861d5912dbf4188abe2b8bdebe15c92dfc Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Wed, 31 Aug 2016 15:12:26 +0300
Subject: [PATCH 4/8] Delete Dockerfile.nginx not need

---
 Dockerfile.nginx | 4 ----
 1 file changed, 4 deletions(-)
 delete mode 100644 Dockerfile.nginx

diff --git a/Dockerfile.nginx b/Dockerfile.nginx
deleted file mode 100644
index 6dc4212..0000000
--- a/Dockerfile.nginx
+++ /dev/null
@@ -1,4 +0,0 @@
-FROM nginx:1.9
-MAINTAINER "Maksim Losev <mlosev@beget.ru>"
-
-COPY nginx.conf /etc/nginx/nginx.conf

From 4402d77af047c6a65c60af3f4fafcf0b432c6a9f Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Wed, 31 Aug 2016 15:38:26 +0300
Subject: [PATCH 5/8] Fix travis.yml after remove sprutio-nginx


From a2a11529f1ddcd9b7ac5271fe7e08d9c1389197a Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Wed, 31 Aug 2016 17:01:04 +0300
Subject: [PATCH 6/8] Chenge nginx to nginx:mainline-alpine

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index e76a525..184b570 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -25,7 +25,7 @@ rpc:
     - "./rpc.env"
 
 nginx:
-  image: nginx:1.9
+  image: nginx:mainline-alpine
   links:
     - app:fm-app
   volumes_from:

From 6ba27eed63d1b6ac8c561324e8017da287a7c589 Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Thu, 1 Sep 2016 15:14:04 +0300
Subject: [PATCH 7/8] Fix certs dir rights

---
 app/init-ssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/init-ssl.sh b/app/init-ssl.sh
index ef0d383..8640c6e 100755
--- a/app/init-ssl.sh
+++ b/app/init-ssl.sh
@@ -10,5 +10,5 @@ fi
 openssl req -nodes -newkey rsa:4096 -keyout sprutio.key -out sprutio.csr -subj "/C=RU/O=Beget/CN=sprut.io"
 openssl x509 -req -days 365 -in sprutio.csr -signkey sprutio.key -out sprutio.crt
 
-chmod 600 ../certs
+chmod 700 ../certs
 chmod 400 sprutio.key

From d64cf966950e34296ea13adda673a02fa0715d99 Mon Sep 17 00:00:00 2001
From: Andrey Fesenko <andrey@bsdnir.info>
Date: Thu, 1 Sep 2016 17:30:35 +0300
Subject: [PATCH 8/8] Remove beget/sprutio-nginx not need

---
 travis/docker-build.sh | 3 ---
 travis/docker-push.sh  | 1 -
 2 files changed, 4 deletions(-)

diff --git a/travis/docker-build.sh b/travis/docker-build.sh
index f9f3d6c..07b3dfc 100755
--- a/travis/docker-build.sh
+++ b/travis/docker-build.sh
@@ -19,9 +19,6 @@ docker build -t beget/sprutio-rpc -f rpc/Dockerfile rpc/
 # app image
 docker build -t beget/sprutio-app -f app/Dockerfile app/
 
-# nginx image
-docker build -t beget/sprutio-nginx -f Dockerfile.nginx ./
-
 # frontend
 docker build -t beget/sprutio-bower -f Dockerfile.bower ./
 docker run -v $PWD/app/public:/app -w /app beget/sprutio-bower bower install --allow-root
diff --git a/travis/docker-push.sh b/travis/docker-push.sh
index 4232dd0..c576535 100755
--- a/travis/docker-push.sh
+++ b/travis/docker-push.sh
@@ -20,7 +20,6 @@ docker login --email=$DOCKER_HUB_EMAIL --username=$DOCKER_HUB_USERNAME --passwor
 docker push beget/sprutio-cron
 docker push beget/sprutio-rpc
 docker push beget/sprutio-app
-docker push beget/sprutio-nginx
 docker push beget/sprutio-frontend
 
 # EOF