Update *

Author: github-actions[bot]

docs/reverse-proxy/reverse-proxy.md

@@ -0,0 +1,113 @@
+### Reverse Proxy
+
+#### Traefik
+
+Take a look at the [traefik](https://github.com/traefik/traefik) implementation:
+
+```yaml
+services:
+  secured-signal:
+    image: ghcr.io/codeshelldev/secured-signal-api:latest
+    container_name: secured-signal
+    environment:
+      API__URL: http://signal-api:8080
+      SETTINGS__VARIABLES__RECIPIENTS:
+        '[+123400002,+123400003,+123400004]'
+      SETTINGS__VARIABLES__NUMBER: "+123400001"
+      API__TOKENS: '[LOOOOOONG_STRING]'
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.signal-api.rule=Host(`signal-api.mydomain.com`)
+      - traefik.http.routers.signal-api.entrypoints=websecure
+      - traefik.http.routers.signal-api.tls=true
+      - traefik.http.routers.signal-api.tls.certresolver=cloudflare
+      - traefik.http.routers.signal-api.service=signal-api-svc
+      - traefik.http.services.signal-api-svc.loadbalancer.server.port=8880
+      - traefik.docker.network=proxy
+    restart: unless-stopped
+    networks:
+      proxy:
+      backend:
+        aliases:
+          - secured-signal-api
+
+networks:
+  backend:
+  proxy:
+    external: true
+```
+
+#### NGINX Proxy
+
+This is the [NGINX](https://github.com/nginx/nginx) `docker-compose.yaml` file:
+
+```yaml
+services:
+  secured-signal:
+    image: ghcr.io/codeshelldev/secured-signal-api:latest
+    container_name: secured-signal-api
+    environment:
+      API__URL: http://signal-api:8080
+      SETTINGS__VARIABLES__RECIPIENTS: "[+123400002,+123400003,+123400004]"
+      SETTINGS__VARIABLES__NUMBER: "+123400001"
+      API__TOKENS: "[LOOOOOONG_STRING]"
+    restart: unless-stopped
+    networks:
+      backend:
+        aliases:
+          - secured-signal-api
+
+  nginx:
+    image: nginx:latest
+    container_name: secured-signal-proxy
+    volumes:
+      - ./nginx.conf:/etc/nginx/conf.d/default.conf
+      # Load SSL certificates: cert.key, cert.crt
+      - ./certs:/etc/nginx/ssl
+    ports:
+      - "443:443"
+      - "80:80"
+    restart: unless-stopped
+    networks:
+      frontend:
+      backend:
+
+networks:
+  backend:
+  frontend:
+```
+
+Create a `nginx.conf` file in the `docker-compose.yaml` folder and mount it to `etc/nginx/conf.d/default.conf`:
+
+```conf
+server {
+    # Allow SSL on Port 443
+    listen 443 ssl;
+
+    # Add allowed hostnames which nginx should respond to
+    # `_` for any
+    server_name localhost;
+
+    ssl_certificate /etc/nginx/ssl/cert.crt;
+    ssl_certificate_key /etc/nginx/ssl/cert.key;
+
+    location / {
+        # Use whatever network alias you set in the docker-compose file
+        proxy_pass http://secured-signal-api:8880;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Fowarded-Proto $scheme;
+    }
+}
+
+# Redirect HTTP to HTTPs
+server {
+    listen 80;
+    server_name localhost;
+    return 301 https://$host$request_uri;
+}
+```
+
+Lastly add your `cert.key` and `cert.crt` into your `certs/` folder and mount it to `/etc/nginx/ssl`.

replace-placeholders.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+
+# Usage: ./replace_placeholders.sh source_file destination_file
+
+template() {
+    local content="$1"
+    
+    # Extract unique placeholders: match { { file.xxx } } with arbitrary spaces
+    local placeholders
+    placeholders=$(printf '%s' "$content" | grep -oP '\{\s*{\s*file\.(.*)\s*}\s*}' | sed -E 's/\{\s*\{\s*file\.//;s/\s*\}\s*\}//' | sort -u)
+
+    for placeholder in $placeholders; do
+        local file_content
+
+        if [[ -f "$placeholder" ]]; then
+            file_content=$(<"$placeholder")
+        
+            if [[ "$placeholder" == *.template.* ]]; then
+                # Template further
+                file_content=$(template "$file_content")
+            fi
+        else
+            file_content="File not found: '$placeholder'."
+        fi
+
+        # Escape special characters
+        local escaped_content
+        local escaped_placeholder
+        escaped_content=$(printf '%s' "$file_content" | perl -pe 's/([\\\/\$])/\\$1/g; s/\n/\\n/g;')
+        escaped_placeholder=$(printf '%s' "$placeholder" | perl -pe 's/([\\\/])/\\$1/g; s/\n/\\n/g;')
+        
+        content=$(printf '%s' "$content" | perl -pe "s/{\s*{\s*file\.${escaped_placeholder}\s*}\s*}/$escaped_content/g")
+    done
+
+    printf '%s' "$content"
+}
+
+write_file() {
+    local file_content="$1"
+    local dest_file="$2"
+
+    # Write to destination file
+    printf '%s\n' "$file_content" > "$dest_file"
+}
+
+template_file() {
+    local source_file="$1"
+    local dest_file="$2"
+
+    # Read the entire source file into a variable
+    local file_content
+    file_content=$(<"$source_file")
+
+    local templated_content
+    templated_content=$(template "$file_content")
+
+    write_file "$templated_content" "$dest_file"
+
+    echo "'$source_file' complete. Output written to '$dest_file'."
+}
+
+SOURCE="$1"
+DEST_FILE="$2"
+
+if [[ -f "$SOURCE" ]]; then
+    template_file "$SOURCE_FILE" "$DEST_FILE"
+elif [[ -d "$SOURCE" ]]; then
+    i=0
+    while IFS= read -r source_file; do
+        file_content=$(<"$source_file")
+
+        first_line=$(printf '%s\n' "$file_content" | head -n 1)
+
+        dest_file=$(echo "$first_line" | sed -n 's/^[[:space:]]*>>\([[:graph:]]\+\)[[:space:]]*$/\1/p')
+
+        if [[ -n "$dest_file" ]]; then
+            file_content=$(printf '%s' "$file_content" | tail -n +2)
+        
+            templated_content=$(template "$file_content")
+
+            write_file "$templated_content" "$dest_file"
+
+            echo "'$source_file' complete. Output written to '$dest_file'."
+        
+            (( i++ ))
+        fi
+    done < <(find "$SOURCE" -type f -name '*.template.md')
+
+    if [[ $i -eq 0 ]]; then
+        echo "Source '$SOURCE' does not contain any '*.template.md'!"
+        exit 1
+    fi
+else
+    echo "Source '$SOURCE' does not exist!"
+    exit 1
+fi