João Pedro
|
3a5d73a485
|
feat(proxy): Implement Zero-Downtime Reload Strategy
- Added scripts/reload.sh and reload.ps1 for safe configuration updates
- Implemented 'nginx -t' validation before reload to prevent crashes
- Leveraged 'nginx -s reload' for process-level Blue-Green updates
- Updated documentation (README.md, GEMINI.md) with new usage instructions
- Fixed nginx.conf to properly scope snippet includes
- Restored missing SSL components (options-ssl-nginx.conf, dhparams) to enable local validation
|
2026-01-22 16:39:02 -03:00 |
|
João Pedro
|
d9a0b14d6f
|
docs: Atualização da documentação sobre ModSecurity (Arquitetura, TODO e README)
|
2026-01-22 16:20:40 -03:00 |
|
João Pedro
|
6b2f1a1af1
|
chore: Migrate legacy configs and add TODO list
|
2026-01-22 13:38:17 -03:00 |
|
João Pedro
|
058d1a22dd
|
docs: Update README.md (pt-BR) and Tech Specs
|
2026-01-22 13:22:58 -03:00 |
|
João Pedro
|
cd1a164114
|
feat(infra): Full migration to containerized NGINX with WAF and Auto-SSL
Major infrastructure upgrade implementing:
1. Architecture
- Containerized NGINX with custom Alpine build (Brotli + Headers More)
- ModSecurity WAF (OWASP CRS) as a sidecar/frontend service
- Fail2ban service monitoring logs for bot/attack mitigation
2. SSL Automation
- Integrated Certbot with custom daily validation scripts
- Automatic 3-day expiry detection and renewal
- Smart ACME challenge injection for all sites
3. Configuration
- Migrated 28 site configs to modular structure (conf.d/)
- Created reusable snippets (Rate Limiting, Security Maps, Caching)
- Fixed deprecated HTTP/2 syntax and ModSecurity directives
4. Documentation
- Added GEMINI.md with full architectural overview
- Cleanup of legacy files
|
2026-01-22 13:14:18 -03:00 |