Skip to content

HTML stack documentation

Deployment

CI/CD

CI/CD tutorial

For a detailed instructions of setting up CI/CD workflow see the main deployment article

The following services are CI services that will be built by default:

  • HTTP server: nginx or apache

Containers

Nginx

Nginx can be configured with the following environment variables

Restarting nginx as default user:

sudo nginx -s reload

Do not gzip pages in your application

We already gzip content on Nginx side and it works faster. Having double gzip may cause issues.

Modules

Installed nginx modules.

PageSpeed

Nginx comes with mod_pagespeed which is disabled by default. To enable it add NGINX_PAGESPEED_ENABLED=1 environment variable to Nginx service. For more details see https://github.com/wodby/pagespeed.

ModSecurity + OWASP

Nginx comes with ModSecurity which is disabled by default. To enable it add NGINX_MODSECURITY_ENABLED=1 environment variable to Nginx service. For more details see https://github.com/wodby/modsecurity.

Custom config

If a config preset and available environment variables are not enough for your customizations you can use your own virtual host config:

  1. Copy /etc/nginx/conf.d/vhost.conf to your codebase, adjust to your needs
  2. Deploy code with your config file
  3. Add new environment variable NGINX_CONF_INCLUDE for nginx service, the value should the path to your *.conf file (e.g. /var/www/html/vhost.conf). The specified file will be included in /etc/nginx/nginx.conf

Apache

Restarting apache as default user:

sudo httpd -k restart

See details about virtual host preset.

Changelog

This changelog is for HTML stack on Wodby, to see images changes see tags description on repository page: nginx and Apache.

3.1.9

⬆️ Nginx 1.27.3

3.1.8

⬆️ Nginx 1.27.2

3.1.7

🏔️ Alpine Linux security updates (3.20.3)

1.0.14

  • ⬆️ Nginx 1.27.1, 1.26.2
  • ⬆️ Apache HTTPD 2.4.62

1.0.13

  • Nginx:
    • ⭐️ Added 1.27
    • ⬆️ Updated to 1.26.1
    • 🪦 1.25 has reached end of life
    • ⬆️ Upload progress module updated to 0.9.3
  • ⬆️ Apache HTTPd 2.4.61

1.0.12

  • ⬆️ Apache HTTPd 2.4.59
  • Nginx:
    • ⭐️ Added 1.26
    • ⬆️ Updated to 1.25.5
    • 🪦️ Nginx <= 1.24 has reached EOL

1.0.11

⬆️ Nginx 1.25.4

1.0.10

🏔 Alpine Linux upgraded to 3.19

1.0.9

  • ⬆️ Nginx 1.25.3
  • ⬆️ Apache HTTPd 2.4.58

1.0.8

🏔 Alpine Linux 3.18.4

1.0.7

🏔 Alpine Linux updated to 3.18.3, 3.16.7

1.0.6

⬆️ Nginx 1.25.1

1.0.5

  • ⭐️ Nginx 1.25, 1.24 added
  • 🏔 Alpine Linux upgraded to 3.18 for Apache HTTPD

1.0.4

⬆️ Apache HTTPD 2.4.57

1.0.3

  • ⬆️ Apache HTTPD 2.4.56
  • ⬆️ Nginx 1.23.4
  • 🏔 Alpine Linux upgraded to 3.17.3, 3.16.5

1.0.2

🐞 Incorrect architecture in Alpine Linux https://github.com/alpinelinux/docker-alpine/issues/303#issuecomment-1448126235

1.0.1

🏔 Alpine updated to 3.17.2

1.0.0

  • ⚠️ This version of stack requires server infrastructure 6.0.0+
  • ⬆️ Apache 2.4.55
  • 🏔 Alpine updated to 3.17 for Nginx

0.4.6

⬆️ Nginx 1.23.3

0.4.5

🏔 Base OS Alpine Linux updated to 3.16.3 for some of the images

0.4.3

⬆️ Nginx 1.23.2, 1.22.1

0.4.2

⭐️ Added Nginx 1.23, 1.22

0.4.1

⬆️ Apache 2.4.54

0.4.0

  • ℹ️ This update requires server infrastructure at least 5.9.0
  • 🏔 Alpine Linux updated to 3.15

0.3.6

🏔 Security updates for base OS Alpine Linux

0.3.5

  • ⬆️ Apache HTTPd 2.4.53
  • 🏔 Patch updates for base OS Alpine Linux

0.3.4

⬆️ Nginx 1.21.6

0.3.3

  • ⬆️ Nginx:
    • 📜 Default header Content-Security-Policy can now be changed with $NGINX_HEADERS_CONTENT_SECURITY_POLICY https://github.com/wodby/nginx/pull/69
    • 📜 webp added to the default list of static file extensions
  • ⬆️ Apache 2.4.52

0.3.2

📜 Nginx: added default Content-Security-Policy header (frame-ancestors 'none')

0.3.1

  • Nginx
    • ⭐️ Version 1.21 added
    • 🐞 Bugfix: default headers do not apply with disabled caching

0.3.0

0.2.37

⬆️ Nginx 1.21.4, 1.20.2

0.2.36

➕  Added Nginx 1.21

0.2.35

⬆️  Apache 2.4.48 ⬆️  Nginx 1.20.1

0.2.34

⬆️  Apache 2.4.47

0.2.33

  • Nginx:
    • ⭐️  New major version 1.20 (now latest)
    • ⬆️  Updated to 1.19.10
    • 🪦  1.18 dropped (EOL)
  • 📦  Base OS Alpine Linux updated to 3.13.5

0.2.32

⬆️  Nginx 1.19.8

0.2.31

0.2.30

0.2.29

  • Nginx:
  • ⬆️  Base image Alpine Linux updated to 3.12.3
  • 🦴  ImagePullPolicy changed to IfNotPresent

0.2.28

Nginx 1.19.4

0.2.27

Nginx 1.19.3

0.2.26

  • Apache 2.4.46
  • Nginx 1.19.2

0.2.25

Nginx 1.19.1

0.2.24

  • Nginx: new versions added: 1.19 and 1.18
  • Apache: access to all hidden files except .well-known is now forbidden

0.2.23

  • Nginx:
    • Updated to 1.17.10
    • Access to /wp-content/uploads/woocommerce_uploads is now forbidden
  • Base OS Alpine Linux updated to 3.11.6

0.2.22

0.2.21

  • Nginx:
  • /.well-known URIs excluded from denied hidden files location instead of explicitly allowed
  • Locations wodby.yml and Makefile are now forbidden
  • Apache hidden files, directories, wodby.yml, Makefile and certain extension are now forbidden

0.2.20

  • Nginx:
  • Added liveness checks for Nginx and Apache
  • Improved performance for Apache and Nginx readiness checks

0.2.19

0.2.18

Nginx 1.17.4

0.2.17

  • Nginx 1.17.3, 1.16.1
  • Apache 2.4.41

0.2.16

0.2.15

Nginx updated to 1.17.1

0.2.14

Added new Nginx version 1.17

0.2.13

0.2.12

  • Nginx:
  • ❗️Apache security update: 2.4.39
  • Alpine Linux updated to 3.9.3 for Nginx and Apache

0.2.11

0.2.10

  • Nginx:
  • Patch update: 1.15.9
  • .map added to the list of default static files extensions ($NGINX_STATIC_EXT_REGEX)
  • Bugfix: $NGINX_LOG_FORMAT_OVERRIDE had no effect
  • mod_include added to Apache https://github.com/wodby/apache/issues/6

0.2.9

0.2.8

Update instructions:

  • If you used Nginx pagespeed module, add $NGINX_PAGESPEED_ENABLED=1, if you had $NGINX_PAGESPEED=on you can delete it since it's on by default

0.2.7

  • Nginx:
    • Patch updates: 1.15.6, 1.14.1
    • Nginx now uses real IP set from Edge

0.2.6

  • Nginx:
    • Always try index file for / location before 404
    • Remove outdated *.htm from the default index file
    • Bugfix: txt was missing from the default list of static extensions

0.2.5

0.2.4

  • Apache:
    • Patch update: 2.4.35
    • Option Indexes now disabled by default, can be enabled via $APACHE_INDEXES_ENABLED
  • Nginx patch update: 1.15.4

0.2.3

Nginx: $NGINX_ERROR_PAGE_40x replaced to $NGINX_ERROR_40x_URI

0.2.2

  • Nginx no longer hides 50x errors by default, can be enabled via $NGINX_HIDE_50x_ERRORS
  • Bugfix: env vars $NGINX_ERROR_PAGE_* had no effect
  • Setting $NGINX_VHOST_PRESET to empty value now disables usage of any presets
  • New $NGINX_VHOST_NO_DEFAULTS to disable default rules for virtual host
  • New default 50x error page, new $NGINX_ERROR_MESSAGE_50x to add a message on this page

0.2.1

Do not add trailing slashes for non-directory requests

0.2.0

  • Nginx:
    • Nginx patch update: 1.15.3
    • Bugfix: default 404 page did not work in Nginx
    • 403/404 pages now can be customized
    • Nginx image rebased to Alpine Linux 3.8
    • Extended list of static files extensions
    • $NGINX_STATIC_ that controls settings for handling static content
    • $NGINX_ALLOW_ACCESS_HIDDEN_FILES to control access to files starting with a dot
    • Added pseudo-streaming server-side for .flv files
    • Added pseudo-streaming server-side for .mp4, .mov, .m4a files. See env vars $NGINX_STATIC_MP4_* for configuration
    • Added .well-known location by default
    • Updated default values for open_file_cache settings
    • Default expires for static content set to 7d by default
    • Use $NGINX_LOG_FORMAT_OVERRIDE log format over $NGINX_LOG_FORMAT_SHOW_REAL_IP Apache:
    • MPM modules are now shared and can be configured (event is still the default)

0.1.0

Initial release