From 79f40608ea4c24ed5c24f83b34a790371eba8e6c Mon Sep 17 00:00:00 2001
From: Rafael Zago <rafaelvzago@gmail.com>
Date: Mon, 6 Jan 2025 15:10:46 -0300
Subject: [PATCH] Simple http2 server config

Signed-off-by: Rafael Zago <rafaelvzago@gmail.com>
---
 Dockerfile              |   3 -
 README.md               | 175 ++++++++++++++++++++--------------------
 certs/server.crt        |  22 -----
 certs/server.key        |  28 -------
 custom-nginx-http2.conf |  39 ---------
 custom-nginx.conf       |   6 +-
 html/index.html         |  12 +--
 7 files changed, 92 insertions(+), 193 deletions(-)
 delete mode 100644 certs/server.crt
 delete mode 100644 certs/server.key
 delete mode 100644 custom-nginx-http2.conf

diff --git a/Dockerfile b/Dockerfile
index 932e34c..bc18090 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -39,9 +39,6 @@ RUN wget -O go.tar.gz $GO_URL && \
     tar -C /usr/local -xzf go.tar.gz && \
     rm go.tar.gz
 
-# Add SSL certificates
-COPY certs /etc/nginx/certs
-
 # Set Go path
 ENV PATH="/usr/local/go/bin:${PATH}"
 
diff --git a/README.md b/README.md
index 6c0a8c0..b0ea5e6 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,19 @@
+Here's the updated README that includes both the new HTTP/2 examples and the original `ping` example:
+
+---
+
 # Lanyard - A Versatile Networking Toolkit Docker Image
 
-**Lanyard** is a Docker image based on Alpine Linux that includes a comprehensive set of networking tools along with a simple Flask API. This image allows you to either run the Flask application or execute any of the included networking utilities directly.
+**Lanyard** is a Docker image based on Alpine Linux that includes a comprehensive set of networking tools and a lightweight Nginx server with HTTPS and HTTP/2 support. This image allows you to serve static files securely or execute any of the included networking utilities directly.
 
 ## Table of Contents
 
 - [Included Tools](#included-tools)
 - [Getting Started](#getting-started)
-  - [Running the Flask API](#running-the-flask-api)
+  - [Running Nginx](#running-nginx)
   - [Running Networking Tools](#running-networking-tools)
-- [Flask Application](#flask-application)
+- [Nginx Configuration](#nginx-configuration)
+- [HTTP/2 Support](#http2-support)
 - [Building the Docker Image Locally](#building-the-docker-image-locally)
 - [Usage Examples](#usage-examples)
 - [Notes](#notes)
@@ -17,6 +22,7 @@
 
 The Docker image includes the following tools:
 
+- `bash`
 - `curl`
 - `traceroute`
 - `openssl`
@@ -36,27 +42,27 @@ The Docker image includes the following tools:
 - `coreutils`
 - `mongodb-tools`
 - `postgresql-client`
-- `py3-flask`
 - **Go** (installed minimally)
+- `nginx`
 
 ## Getting Started
 
-### Running the Flask API
+### Running Nginx
 
-To run the Flask API, execute the following command:
+To run the Nginx server:
 
 ```sh
-docker run --rm -d -p 5000:5000 quay.io/rzago/lanyard:latest
+docker run --rm -d -p 8080:8080 quay.io/rzago/lanyard:latest
 ```
 
 - `--rm`: Automatically removes the container when it exits.
 - `-d`: Runs the container in detached mode.
-- `-p 5000:5000`: Maps port 5000 of the host to port 5000 of the container.
+- `-p 8080:8080`: Maps port 8080 of the host to port 8080 of the container.
 
-Once the container is running, you can access the API at [http://localhost:5000/](http://localhost:5000/). You should see the message:
+Once the container is running, you can access the server at [http://localhost:8080](http://localhost:8080). You will see the response:
 
 ```
-Hello, World from Lanyard!
+<h1>Hello from Lanyard</h1>
 ```
 
 ### Running Networking Tools
@@ -81,121 +87,112 @@ PING google.com (142.250.79.14): 56 data bytes
 round-trip min/avg/max = 7.189/7.298/7.509 ms
 ```
 
-## Flask Application
+## Nginx Configuration
 
-The Flask application (`app.py`) included in the image is a simple "Hello World" app:
+### Default Configuration
 
-```python
-from flask import Flask
+- **HTTP/2 and HTTP/1.1:** Nginx supports both HTTP/2 and HTTP/1.1. 
+- **Static Files:** Static files are served from `/usr/share/nginx/html`.
 
-app = Flask(__name__)
+### Custom Configuration
 
-@app.route('/')
-def hello_world():
-    return 'Hello, World from Lanyard!'
+You can mount custom Nginx configuration files to modify the server's behavior:
 
-if __name__ == '__main__':
-    app.run(host='0.0.0.0')
+```sh
+docker run --rm -d -p 8080:8080 -v $(pwd)/my-nginx.conf:/etc/nginx/nginx.conf quay.io/rzago/lanyard:latest
 ```
 
-## Building the Docker Image Locally
+## HTTP/2 Support
 
-If you prefer to build the Docker image locally, use the provided `Dockerfile`:
+Nginx in the Lanyard image supports HTTP/2. Below are examples demonstrating HTTP/2 and HTTP/1.1 behavior:
 
-```dockerfile
-FROM alpine:latest
-
-# Install base tools
-RUN apk update && apk add --no-cache \
-    curl \
-    traceroute \
-    openssl \
-    iperf \
-    wget \
-    busybox-extras \
-    nmap \
-    netcat-openbsd \
-    tcpdump \
-    mtr \
-    socat \
-    bind-tools \
-    iproute2 \
-    openssh-client \
-    python3 \
-    procps \
-    coreutils \
-    mongodb-tools \
-    postgresql-client \
-    py3-flask
-
-# Install Go separately in a minimal way
-RUN apk add --no-cache --virtual .build-deps go && \
-    mkdir -p /usr/local/go/bin && \
-    mv /usr/bin/go /usr/local/go/bin/ && \
-    apk del .build-deps
-
-# Copy the Flask app
-COPY app.py /app.py
-
-# Expose port 5000 for the Flask app
-EXPOSE 5000
-
-# Default command to run the Flask app
-CMD ["python3", "/app.py"]
-```
-
-**Build the image:**
+#### Testing HTTP/2
 
 ```sh
-docker build -t lanyard .
+curl --http2 --http2-prior-knowledge http://localhost:8080
 ```
 
-## Usage Examples
+Output:
 
-Here are some examples of how to use the Docker image to run various networking tools.
+```html
+<h1>Hello from Lanyard</h1>
+```
 
-### Run `ping`
+#### Testing HTTP/1.1
 
 ```sh
-docker run --rm lanyard ping -c 4 google.com
+curl http://localhost:8080
 ```
 
-### Run `traceroute`
+Output:
 
-```sh
-docker run --rm lanyard traceroute google.com
+```html
+<h1>Hello from Lanyard</h1>
 ```
 
-### Run `curl`
+#### Inspecting HTTP Headers (HTTP/1.1)
 
 ```sh
-docker run --rm lanyard curl -I https://www.google.com
+curl -I http://localhost:8080
+```
+
+Output:
+
+```
+HTTP/1.1 200 OK
+Server: nginx/1.26.2
+Date: Mon, 06 Jan 2025 18:06:29 GMT
+Content-Type: text/html
+Content-Length: 29
+Last-Modified: Mon, 06 Jan 2025 18:06:06 GMT
+Connection: keep-alive
+ETag: "677c1b8e-1d"
+Accept-Ranges: bytes
 ```
 
-### Run `nmap`
+#### Inspecting HTTP Headers (HTTP/2)
 
 ```sh
-docker run --rm lanyard nmap -sV google.com
+curl -I --http2 --http2-prior-knowledge http://localhost:8080
+```
+
+Output:
+
+```
+HTTP/2 200
+server: nginx/1.26.2
+date: Mon, 06 Jan 2025 18:06:39 GMT
+content-type: text/html
+content-length: 29
+last-modified: Mon, 06 Jan 2025 18:06:06 GMT
+etag: "677c1b8e-1d"
+accept-ranges: bytes
 ```
 
-### Run `iperf`
+## Building the Docker Image Locally
+
+If you prefer to build the Docker image locally, use the provided `Dockerfile`:
 
 ```sh
-# As an iperf server
-docker run --rm -p 5201:5201 lanyard iperf -s
+docker build -t lanyard .
+```
 
-# As an iperf client
-docker run --rm lanyard iperf -c <server_ip>
+## Usage Examples
+
+### Run `ping`
+
+```sh
+docker run --rm lanyard ping -c 4 google.com
 ```
 
-## Notes
+### Serve Custom Static Files
+
+Mount a directory containing your static files:
 
-- **Default Behavior:** If no command is specified, the container will run the Flask API.
-- **Overriding the Command:** You can run any of the included tools by specifying the command after the image name.
-- **Exposed Ports:** Ensure that the ports you intend to use are not blocked by your firewall or used by other applications.
-- **Networking:** When running networking tools, you might need to adjust Docker's network settings depending on your environment.
-- **Alpine Linux:** The image is based on Alpine Linux for a minimal footprint.
+```sh
+docker run --rm -d -p 8080:8080 -v $(pwd)/html:/usr/share/nginx/html quay.io/rzago/lanyard:latest
+```
 
 ---
 
-Feel free to contribute or raise issues if you encounter any problems. Enjoy using Lanyard for all your networking needs!
\ No newline at end of file
+Feel free to contribute or raise issues if you encounter any problems. Enjoy using Lanyard for all your networking and lightweight web-serving needs!
diff --git a/certs/server.crt b/certs/server.crt
deleted file mode 100644
index 17f7683..0000000
--- a/certs/server.crt
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDjzCCAnegAwIBAgIUfdZ8Ly8SwXIY/4q/SoKVHnJUh6gwDQYJKoZIhvcNAQEL
-BQAwVzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5
-MRUwEwYDVQQKDAxPcmdhbml6YXRpb24xEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0y
-NTAxMDYxNzEwMzZaFw0yNjAxMDYxNzEwMzZaMFcxCzAJBgNVBAYTAlVTMQ4wDAYD
-VQQIDAVTdGF0ZTENMAsGA1UEBwwEQ2l0eTEVMBMGA1UECgwMT3JnYW5pemF0aW9u
-MRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCW7KMzIbMT1jecJt9Q2i2FgPy4+hl3U0/hVP2H+T4uPvAeKtonlSX57clL
-4a6yGDY87fagPpgr4fI0qwmCc+koTZk1J8y2TPEwAguQSaOIQ72e+LtgYvRoAjlz
-9LE5SNGGiUVX41L4KkJn0VPpNz8f8zg6kyIKrmntw/QXWGiWlzbsCzBCq8xWMrRb
-LcWrZ2YI3ovoCEvCy+fVOSvwVZFwyFZVTM/G0QiNMeNqJPRGqMaxpX6U1iSlBHt5
-Gj1dCaIsW8EdqxqO4OrQeCcMfTFPPB7YC+tLe7olhdADJa0M/nlZv1ttxf8KABUk
-/cyM8Nrqhe3erE1fmPFqNhUhO7xnAgMBAAGjUzBRMB0GA1UdDgQWBBQsi8aD+mUb
-xZJMR6MxfwQHZTYGTjAfBgNVHSMEGDAWgBQsi8aD+mUbxZJMR6MxfwQHZTYGTjAP
-BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAIIth3eOjtPj5ZK1b/
-yCvY3jZrvrtoZ+LIuKwlURi4IrjLgLEDpIrm8I6nD0mBejr/wzFW7LX843QBi6av
-JIovFNqDKMHHDgaeFiKVE9PXBbabFkhyCZFAwH+wrq9/MIriLnjceuWIgDTGmsZ3
-LyDHV4Xa0JzCyey2M+Ap9q3gXxrUQewRXit07GPcfgPqy7gFe8hXknuMHQMy99Bn
-qm5UyZLm0989XT0B4A+/9vU7wo1czImNcgkDzs4fCNExIbKVysCwuv/g/YvIAfDJ
-/0hA2vmEdwM1mOQBmSCqoWtmAqypOpA9RK/GZ+RWbGxULXCSRkcxe4WhqYGeg/5s
-iGSI
------END CERTIFICATE-----
diff --git a/certs/server.key b/certs/server.key
deleted file mode 100644
index 0a085a5..0000000
--- a/certs/server.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCW7KMzIbMT1jec
-Jt9Q2i2FgPy4+hl3U0/hVP2H+T4uPvAeKtonlSX57clL4a6yGDY87fagPpgr4fI0
-qwmCc+koTZk1J8y2TPEwAguQSaOIQ72e+LtgYvRoAjlz9LE5SNGGiUVX41L4KkJn
-0VPpNz8f8zg6kyIKrmntw/QXWGiWlzbsCzBCq8xWMrRbLcWrZ2YI3ovoCEvCy+fV
-OSvwVZFwyFZVTM/G0QiNMeNqJPRGqMaxpX6U1iSlBHt5Gj1dCaIsW8EdqxqO4OrQ
-eCcMfTFPPB7YC+tLe7olhdADJa0M/nlZv1ttxf8KABUk/cyM8Nrqhe3erE1fmPFq
-NhUhO7xnAgMBAAECggEALxQ/LnaPMZtrunKny8VbWN9tNliR9BaRfvVvpuhZfLyW
-U5rDdYCBma6S0fBi+dwyoxwKCF+uQVYYo1RNQZvdufxG0/2HzsA+pl6k88v8zsdu
-0bW+YalMm1tCR8knNXrhHUoZzvozCgXItDDor4HT16gbvK3j+xgAJDKxpEyoR30G
-VuOJqeFMXDjLEaOrQZG7uI7ymNfqOWUmJwNe0um0SPIb6nzgcyUc5vs5Eodjj2Wh
-g3b2zB+jxbC/kc0yITCyiZwg2Wu940Hovs1ALJrs1i1QiC8lbvCLaqVBI69GtCU7
-ObZ7gB49cp4KdTCV9HRmjDM1zpOV4UQOhO0l+kBJgQKBgQDOSpGm/zlP2Q2Z/7pP
-M0dH3xyQgG/MQ3BjAdwF0lD2egjkIJ1374OMZeCbE/cB7iqcehGSWeUcu0ZbPaT+
-fkrHA26CIVM2f1XQj1tNK2mTznqkKxSix7LirFi0OpgipZ+XdSCaVtQZ8WDUkmTO
-ubgQo2OM0i4Cqu9MdP3clN+j5wKBgQC7SqpSjfL/9EL1ctPEV7Fastf88pF3RdAR
-2ZZQuIyeyZzK1mnLgmgmkZFbzKdTChgvLLvYzplmqlEfRHVNhDFLcZKo/Ix+RefB
-UXXsMeT4aE3W2J9udNIVwC6Ou5fl4vXgzEyXuIx1ASL5OujYMex12EouYtxxADXq
-ccbp9aATgQKBgH96n0V2hMEuHXSkDkrxIkRswKcfZ3bv2dylAoVqcXPO9/2ZlhXO
-ohk5v7G1hbfgqN5npMIu4SF/LTwm/PXzr1wKZ9jspRKRX8NxQ3eNs0GOoEUhBjCN
-faML5AkECI2okdWzoMEflRSvECpsiPUi2XcWsOcN3zbw0M4LofEU4prTAoGATvAr
-VVwqvSJQTm81Ph3PzHBwhFYgZWrxRXS13BPMgOhswzkXogS2rPrRjyV0qJUqmEd8
-bOa21QSX6FvMLP24YRnfPIYlGNuR0HLrBsAIx4H+vLzUhZOLMEut087ROL0t8K9q
-4M+Rs4blHLJtjSGNjiW5Lk/QpXf3QXbu5ZD3BQECgYEAsUpTqPqDIFikuJ2nqsg2
-KPM2uLpJffgI4bFv4fm0raO9kfpcKB832/f5Ru+S8XVFwtKPNCwT6Jmu8gA9+fSq
-PUO4OzP8TIy/rmSaMeoAEM0tXsHNmXJqNmYlkBHjSJnIMDXgJOfDYOrTtkzHFK35
-F1Wk6ilBnv4HTLebA/03vns=
------END PRIVATE KEY-----
diff --git a/custom-nginx-http2.conf b/custom-nginx-http2.conf
deleted file mode 100644
index 1203764..0000000
--- a/custom-nginx-http2.conf
+++ /dev/null
@@ -1,39 +0,0 @@
-worker_processes auto;
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
-
-    sendfile on;
-    keepalive_timeout 65;
-
-    server {
-        listen 443 ssl http2; # Enable SSL and HTTP/2
-        server_name _;
-
-        ssl_certificate /etc/nginx/certs/server.crt; # Path to the SSL certificate
-        ssl_certificate_key /etc/nginx/certs/server.key; # Path to the SSL key
-
-        location / {
-            root /usr/share/nginx/html;
-            index index.html;
-        }
-
-        error_page 404 /404.html;
-        location = /404.html {
-            root /usr/share/nginx/html;
-        }
-    }
-
-    # HTTP Redirect to HTTPS
-    server {
-        listen 80;
-        server_name _;
-        return 301 https://$host$request_uri;
-    }
-}
-
diff --git a/custom-nginx.conf b/custom-nginx.conf
index dde41a6..971009a 100644
--- a/custom-nginx.conf
+++ b/custom-nginx.conf
@@ -3,9 +3,13 @@ events {}
 http {
     server {
         listen 8080;
+        http2 on;
+
+        root /usr/share/nginx/html;  # Set the root directory for your static files
+        index index.html;            # Specify the default index file
 
         location / {
-            return 200 "Hello, Lanyard!";
+            try_files $uri $uri/ =404;  # Ensure files in the root directory are served
         }
     }
 }
diff --git a/html/index.html b/html/index.html
index 26dc6a2..a6c3ad2 100644
--- a/html/index.html
+++ b/html/index.html
@@ -1,12 +1,2 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Welcome</title>
-</head>
-<body>
-    <h1>Hello from Lanyard</h1>
-</body>
-</html>
+<h1>Hello from Lanyard</h1>