joao.goncalves
/
NgixProxy_Pathfinder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,222 Commits 3 Branches 0 Tags 6.7 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
João Pedro Toledo Goncalves 5a73c9a116 fix(ssl): chmod 644 keys to allow modsec access in shared volume 2026-01-27 09:43:57 -03:00
João Pedro Toledo Goncalves 78d56417c5 fix(nginx/ssl): remove dup location and fix renew script date/empty logic 2026-01-27 09:22:49 -03:00
João Pedro Toledo Goncalves 142ca3c670 feat(ssl): fix bootstrap loop with self-signed generation fallback 2026-01-27 09:20:47 -03:00
João Pedro cd1a164114 feat(infra): Full migration to containerized NGINX with WAF and Auto-SSL 
Major infrastructure upgrade implementing:
1. Architecture
   - Containerized NGINX with custom Alpine build (Brotli + Headers More)
   - ModSecurity WAF (OWASP CRS) as a sidecar/frontend service
   - Fail2ban service monitoring logs for bot/attack mitigation

2. SSL Automation
   - Integrated Certbot with custom daily validation scripts
   - Automatic 3-day expiry detection and renewal
   - Smart ACME challenge injection for all sites

3. Configuration
   - Migrated 28 site configs to modular structure (conf.d/)
   - Created reusable snippets (Rate Limiting, Security Maps, Caching)
   - Fixed deprecated HTTP/2 syntax and ModSecurity directives

4. Documentation
   - Added GEMINI.md with full architectural overview
   - Cleanup of legacy files
 2026-01-22 13:14:18 -03:00