From 2fe26e3b8a0ecf85e2163c6fc440ca02769668b4 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Thu, 22 Sep 2022 14:17:49 -0400 Subject: [PATCH 1/4] Add entries for cdsi.signal.org --- data/nginx-relay/nginx.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/data/nginx-relay/nginx.conf b/data/nginx-relay/nginx.conf index 400120b..c7340c6 100644 --- a/data/nginx-relay/nginx.conf +++ b/data/nginx-relay/nginx.conf @@ -15,6 +15,7 @@ stream { cdn.signal.org signal-cdn; cdn2.signal.org signal-cdn2; api.directory.signal.org directory; + cdsi.signal.org cdsi; contentproxy.signal.org content-proxy; uptime.signal.org uptime; api.backup.signal.org backup; @@ -44,6 +45,10 @@ stream { server api.directory.signal.org:443; } + upstream cdsi { + server cdsi.signal.org:443; + } + upstream content-proxy { server contentproxy.signal.org:443; } From 79b96cad6e11bf6fcfaa264540198783a9ed08b2 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Thu, 22 Sep 2022 15:40:24 -0400 Subject: [PATCH 2/4] Expose Certbot ports --- data/nginx-terminate/nginx.conf | 2 +- docker-compose.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/data/nginx-terminate/nginx.conf b/data/nginx-terminate/nginx.conf index 61f0e6a..f3efd13 100644 --- a/data/nginx-terminate/nginx.conf +++ b/data/nginx-terminate/nginx.conf @@ -10,7 +10,7 @@ http { listen 80; location /.well-known/acme-challenge/ { - root /var/www/certbot; + alias /var/www/certbot/; } } } diff --git a/docker-compose.yml b/docker-compose.yml index a3b3635..828ef3d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,7 @@ services: - ./data/certbot/www:/var/www/certbot ports: - "443:443" + - "80:80" command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; /opt/nginx/sbin/nginx -s reload; done & /opt/nginx/sbin/nginx -c /etc/nginx/conf.d/nginx.conf -g \"daemon off;\"'" nginx-relay: build: ./nginx-relay/ From 7d03721445ae547e1e8a0cf500e4c5409e1b1767 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Thu, 22 Sep 2022 18:35:46 -0400 Subject: [PATCH 3/4] Return 404 by default --- data/nginx-terminate/nginx.conf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/data/nginx-terminate/nginx.conf b/data/nginx-terminate/nginx.conf index f3efd13..00a21c7 100644 --- a/data/nginx-terminate/nginx.conf +++ b/data/nginx-terminate/nginx.conf @@ -12,6 +12,10 @@ http { location /.well-known/acme-challenge/ { alias /var/www/certbot/; } + + location / { + return 404; + } } } From ac94d6b869f942ec05d7ef76840287a1d1f487f9 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Thu, 22 Sep 2022 19:20:45 -0400 Subject: [PATCH 4/4] Add update instructions to the README --- README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c7cab1f..1d70bb2 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Signal TLS Proxy -To run a Signal TLS proxy, you will need a host with a domain name that has ports 80 and 443 available. +To run a Signal TLS proxy, you will need a host that has ports 80 and 443 available and a domain name that points to that host. 1. Install docker and docker-compose (`apt update && apt install docker docker-compose`) 1. Ensure your current user has access to docker (`adduser $USER docker`) @@ -9,3 +9,13 @@ To run a Signal TLS proxy, you will need a host with a domain name that has port 1. `docker-compose up --detach` Your proxy is now running! You can share this with the URL `https://signal.tube/#` + +## Updating from a previous version + +If you've previously run a proxy, please update to the most recent version by pulling the most recent changes from `main`, then restarting your Docker containers: + +```shell +git pull +docker-compose down +docker-compose up --detach +```