Chewing_Bever
/
self-hosting
Archived
1
0
Fork 0
Code Issues 10 Pull Requests 13 Projects Releases Wiki Activity

Added site configs; updated some stuff

pull/3/head
Jef Roosens 2021-01-05 13:26:59 +01:00
parent 102aaa59e4
commit da1df2e798
8 changed files with 43 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nginx/config/http → nginx/config/conf.d/http.conf
View File

@ -1,8 +1,8 @@
http { http {
# SSL CONFIGURATION # SSL CONFIGURATION
# Key locations # Key locations
ssl_certificate /etc/letsencrypt/live/karaoke.roosens.me/fullchain.pem; ssl_certificate /etc/letsencrypt/live/your.domain.here/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/karaoke.roosens.me/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/your.domain.here/privkey.pem;
# Allowed protocols # Allowed protocols
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
@ -21,5 +21,5 @@ http {
# LOAD SITES # LOAD SITES
include conf.d/sites_enabled/*.conf; include sites_enabled/*.conf;
} }

2
nginx/config/nginx.conf
View File

@ -5,4 +5,4 @@ user nginx nginx;
worker_processes auto; worker_processes auto;
# Load config segments # Load config segments
include conf.d/http; include conf.d/*;

19
nginx/config/sites-available/firefly-iii.conf 100644
View File

@ -0,0 +1,19 @@
server {
listen 443 ssl;
server_name PLACEHOLDER;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
resolver 127.0.0.11;
proxy_pass http://firefly_app_1:8080;
}
}

11
nginx/config/sites-available/portainer.conf 100644
View File

@ -0,0 +1,11 @@
server {
listen 443 ssl;
server_name PLACEHOLDER;
location / {
proxy_set_header Connection "upgrade";
resolver 127.0.0.11;
proxy_pass http://portainer_app_1:9000;
}
}

10
nginx/docker-compose.yml
View File

@ -1,19 +1,23 @@
version: '3.5' version: '3.5'
services: services:
nginx: app:
build: './nginx' build: './nginx'
image: 'nginx-certbot:stable-alpine' image: 'nginx-certbot:stable-alpine'
env_file:
- 'nginx.env.example'
networks:
- 'nginx'
ports: ports:
- '80:80' - '80:80'
- '443:443' - '443:443'
networks:
- 'nginx'
volumes: volumes:
- 'certs:/etc/letsencrypt' - 'certs:/etc/letsencrypt'
- './config:/etc/nginx/conf.d' - './config:/etc/nginx/conf.d'
networks: networks:
nginx: nginx:
external: true
volumes: volumes:
certs: certs:

0
nginx/.env.example → nginx/nginx.env.example
View File

4
nginx/nginx/entrypoint.sh
View File

@ -1,8 +1,4 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# Should be passed as env vars
# DOMAINS=suzy.roosens.me,next.roosens.me,tm.roosens.me
# EMAIL=roosensjef@gmail.com
certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand
/usr/sbin/nginx -g "daemon off;" /usr/sbin/nginx -g "daemon off;"

2
portainer/docker-compose.yml
View File

@ -9,6 +9,8 @@ services:
- 'com.centurylinklabs.watchtower.enable=true' - 'com.centurylinklabs.watchtower.enable=true'
networks: networks:
- 'nginx' - 'nginx'
ports:
- '8000:8000'
volumes: volumes:
- '/var/run/docker.sock:/var/run/docker.sock' - '/var/run/docker.sock:/var/run/docker.sock'
- 'data:/data' - 'data:/data'