From ef0ea60964295f914aefd68add0fd7729f1d48f3 Mon Sep 17 00:00:00 2001
From: Timmo <contact@timmo.xyz>
Date: Sat, 31 Aug 2019 22:58:06 +0100
Subject: [PATCH] :hammer: :arrow_up: Upgrade base and use Hass.io DNS as NGinx
 resolver

---
 .gitlab-ci.yml                                      | 10 +++++-----
 home-panel/Dockerfile                               |  2 +-
 home-panel/build.json                               | 10 +++++-----
 home-panel/rootfs/etc/cont-init.d/nginx.sh          | 13 ++++++++++++-
 home-panel/rootfs/etc/nginx/includes/resolver.conf  |  2 +-
 .../rootfs/etc/nginx/includes/server_params.conf    |  6 +++---
 .../rootfs/etc/nginx/servers/direct-ssl.disabled    |  1 +
 7 files changed, 28 insertions(+), 16 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ce54612..19af574 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,8 +8,8 @@ variables:
 
   ADDON_LEGACY_TAGS: "true"
 
-  ADDON_AARCH64_BASE: "hassioaddons/base-aarch64:4.0.2"
-  ADDON_AMD64_BASE: "hassioaddons/base-amd64:4.0.2"
-  ADDON_ARMHF_BASE: "hassioaddons/base-armhf:4.0.2"
-  ADDON_ARMV7_BASE: "hassioaddons/base-armv7:4.0.2"
-  ADDON_I386_BASE: "hassioaddons/base-i386:4.0.2"
+  ADDON_AARCH64_BASE: "hassioaddons/base-aarch64:4.1.1"
+  ADDON_AMD64_BASE: "hassioaddons/base-amd64:4.1.1"
+  ADDON_ARMHF_BASE: "hassioaddons/base-armhf:4.1.1"
+  ADDON_ARMV7_BASE: "hassioaddons/base-armv7:4.1.1"
+  ADDON_I386_BASE: "hassioaddons/base-i386:4.1.1"
diff --git a/home-panel/Dockerfile b/home-panel/Dockerfile
index b67e610..6efa882 100644
--- a/home-panel/Dockerfile
+++ b/home-panel/Dockerfile
@@ -1,4 +1,4 @@
-ARG BUILD_FROM=hassioaddons/base:4.0.2
+ARG BUILD_FROM=hassioaddons/base:4.1.1
 # hadolint ignore=DL3006
 FROM ${BUILD_FROM}
 
diff --git a/home-panel/build.json b/home-panel/build.json
index 0f9d0e3..5c4e395 100644
--- a/home-panel/build.json
+++ b/home-panel/build.json
@@ -1,11 +1,11 @@
 {
     "args": {},
     "build_from": {
-        "aarch64": "hassioaddons/base-aarch64:4.0.2",
-        "amd64": "hassioaddons/base-amd64:4.0.2",
-        "armhf": "hassioaddons/base-armhf:4.0.2",
-        "armv7": "hassioaddons/base-armv7:4.0.2",
-        "i386": "hassioaddons/base-i386:4.0.2"
+        "aarch64": "hassioaddons/base-aarch64:4.1.1",
+        "amd64": "hassioaddons/base-amd64:4.1.1",
+        "armhf": "hassioaddons/base-armhf:4.1.1",
+        "armv7": "hassioaddons/base-armv7:4.1.1",
+        "i386": "hassioaddons/base-i386:4.1.1"
     },
     "squash": false
 }
diff --git a/home-panel/rootfs/etc/cont-init.d/nginx.sh b/home-panel/rootfs/etc/cont-init.d/nginx.sh
index 8822a67..5ece845 100644
--- a/home-panel/rootfs/etc/cont-init.d/nginx.sh
+++ b/home-panel/rootfs/etc/cont-init.d/nginx.sh
@@ -1,10 +1,13 @@
 #!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: Home Panel
-# Configures NGINX for use with thelounge
+# Configures NGINX for use with Home Panel
 # ==============================================================================
 declare port
 declare certfile
+declare hassio_dns
+declare ingress_interface
+declare ingress_port
 declare keyfile
 
 port=$(bashio::addon.port 80)
@@ -23,3 +26,11 @@ if bashio::var.has_value "${port}"; then
         mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf
     fi
 fi
+
+ingress_port=$(bashio::addon.ingress_port)
+ingress_interface=$(bashio::addon.ip_address)
+sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf
+sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf
+
+hassio_dns=$(bashio::dns.host)
+sed -i "s/%%hassio_dns%%/${hassio_dns}/g" /etc/nginx/includes/resolver.conf
diff --git a/home-panel/rootfs/etc/nginx/includes/resolver.conf b/home-panel/rootfs/etc/nginx/includes/resolver.conf
index 6485af1..65c431d 100644
--- a/home-panel/rootfs/etc/nginx/includes/resolver.conf
+++ b/home-panel/rootfs/etc/nginx/includes/resolver.conf
@@ -1 +1 @@
-resolver 127.0.0.11;
+resolver %%hassio_dns%%;
diff --git a/home-panel/rootfs/etc/nginx/includes/server_params.conf b/home-panel/rootfs/etc/nginx/includes/server_params.conf
index 959e1e3..09c0654 100644
--- a/home-panel/rootfs/etc/nginx/includes/server_params.conf
+++ b/home-panel/rootfs/etc/nginx/includes/server_params.conf
@@ -1,6 +1,6 @@
 root            /dev/null;
 server_name     $hostname;
 
-add_header "X-Content-Type-Options" "nosniff";
-add_header "X-XSS-Protection" "1; mode=block";
-add_header "X-Robots-Tag" "none";
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
+add_header X-Robots-Tag none;
diff --git a/home-panel/rootfs/etc/nginx/servers/direct-ssl.disabled b/home-panel/rootfs/etc/nginx/servers/direct-ssl.disabled
index 10f7b46..ccae456 100644
--- a/home-panel/rootfs/etc/nginx/servers/direct-ssl.disabled
+++ b/home-panel/rootfs/etc/nginx/servers/direct-ssl.disabled
@@ -5,6 +5,7 @@ server {
     include /etc/nginx/includes/ssl_params.conf;
     include /etc/nginx/includes/proxy_params.conf;
 
+    ssl on;
     ssl_certificate /ssl/%%certfile%%;
     ssl_certificate_key /ssl/%%keyfile%%;