Added site configs; updated some stuff

2021-01-05 13:26:59 +01:00 · 2021-01-05 13:26:59 +01:00 · da1df2e798
parent 102aaa59e4
commit da1df2e798
8 changed files with 43 additions and 11 deletions
--- a/nginx/config/conf.d/http.conf
+++ b/nginx/config/conf.d/http.conf
@ -1,8 +1,8 @@
 http {
    # SSL CONFIGURATION
    # Key locations
-    ssl_certificate     /etc/letsencrypt/live/karaoke.roosens.me/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/karaoke.roosens.me/privkey.pem;
+    ssl_certificate     /etc/letsencrypt/live/your.domain.here/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/your.domain.here/privkey.pem;

    # Allowed protocols
    ssl_protocols TLSv1.2;
@ -21,5 +21,5 @@ http {


    # LOAD SITES
-    include conf.d/sites_enabled/*.conf;
+    include sites_enabled/*.conf;
 }
--- a/nginx/config/nginx.conf
+++ b/nginx/config/nginx.conf
@ -5,4 +5,4 @@ user nginx nginx;
 worker_processes auto;

 # Load config segments
-include conf.d/http;
+include conf.d/*;
--- a/nginx/config/sites-available/firefly-iii.conf
+++ b/nginx/config/sites-available/firefly-iii.conf
@ -0,0 +1,19 @@
+server {
+    listen 443 ssl;
+    server_name PLACEHOLDER;
+
+    location / {
+        proxy_set_header Host              $host;
+        proxy_set_header X-Real-IP         $remote_addr;
+        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host  $server_name;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Ssl   on;
+        proxy_set_header Upgrade           $http_upgrade;
+        proxy_set_header Connection        "upgrade";
+
+        resolver 127.0.0.11;
+        proxy_pass http://firefly_app_1:8080;
+    }
+}
+
--- a/nginx/config/sites-available/portainer.conf
+++ b/nginx/config/sites-available/portainer.conf
@ -0,0 +1,11 @@
+server {
+    listen 443 ssl;
+    server_name PLACEHOLDER;
+
+    location / {
+        proxy_set_header Connection "upgrade";
+
+        resolver 127.0.0.11;
+        proxy_pass http://portainer_app_1:9000;
+    }
+}
--- a/nginx/docker-compose.yml
+++ b/nginx/docker-compose.yml
@ -1,19 +1,23 @@
 version: '3.5'
 services:
-    nginx:
+    app:
        build: './nginx'
        image: 'nginx-certbot:stable-alpine'
+
+        env_file:
+            - 'nginx.env.example'
+        networks:
+            - 'nginx'
        ports:
            - '80:80'
            - '443:443'
-        networks:
-            - 'nginx'
        volumes:
            - 'certs:/etc/letsencrypt'
            - './config:/etc/nginx/conf.d'

 networks:
    nginx:
+        external: true

 volumes:
    certs:
--- a/nginx/nginx.env.example
+++ b/nginx/nginx.env.example
--- a/nginx/nginx/entrypoint.sh
+++ b/nginx/nginx/entrypoint.sh
@ -1,8 +1,4 @@
 #!/usr/bin/env sh

-# Should be passed as env vars
-# DOMAINS=suzy.roosens.me,next.roosens.me,tm.roosens.me
-# EMAIL=roosensjef@gmail.com
-
 certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand
 /usr/sbin/nginx -g "daemon off;"
--- a/portainer/docker-compose.yml
+++ b/portainer/docker-compose.yml
@ -9,6 +9,8 @@ services:
            - 'com.centurylinklabs.watchtower.enable=true'
        networks:
            - 'nginx'
+        ports:
+            - '8000:8000'
        volumes:
            - '/var/run/docker.sock:/var/run/docker.sock'
            - 'data:/data'