noxious/server
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SSL

Browse Source
This commit is contained in:
Dennis Postma 2025-02-08 05:01:00 +01:00
parent 47d38e36dd
commit daca3d306d
5 changed files with 63 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -12,7 +12,5 @@ RUN npm ci
COPY . .
EXPOSE 4000
# Modify CMD to use tmux
CMD npx mikro-orm-esm migration:up && npm run start

20
docker-compose.yml
View File

@ -1,10 +1,26 @@
services:
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
- ./docker/data/certbot/conf:/etc/letsencrypt
- ./docker/data/certbot/www:/var/www/certbot
depends_on:
- app
networks:
- app-network
restart: unless-stopped
app:
build:
context: .
dockerfile: Dockerfile
ports:
- "${PORT}:${PORT}"
# ports:
# - "${PORT}:${PORT}"
expose:
- "${PORT}"
environment:
- ENV=${ENV}
- HOST=${HOST}

2
docker/data/certbot/conf/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
**
!.gitignore

2
docker/data/certbot/www/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
**
!.gitignore

41
nginx.conf Normal file
View File

@ -0,0 +1,41 @@
events {
worker_connections 1024;
}
http {
upstream socketio_backend {
server app:${PORT};
}
server {
listen 80;
server_name ${HOST};
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name ${HOST};
ssl_certificate /etc/letsencrypt/live/${HOST}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${HOST}/privkey.pem;
location / {
proxy_pass http://socketio_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}