From 56df4d6162f4d8f3b88ca26a2d8bff151c6cf2a3 Mon Sep 17 00:00:00 2001 From: Hyperling Date: Wed, 1 Jan 2025 18:01:33 -0700 Subject: [PATCH 1/8] Add TBD's after adding the git service and realizing we have a point of failure. Not critical, would just take HTTP[S] traffic offline if the IP changed. --- Config/DynamicDNS/README.md | 5 +++++ Config/ReverseProxy/README.md | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/Config/DynamicDNS/README.md b/Config/DynamicDNS/README.md index 9946cd2..98222ac 100644 --- a/Config/DynamicDNS/README.md +++ b/Config/DynamicDNS/README.md @@ -5,6 +5,11 @@ dynamic DNS provider. Similar may be possible with sites such as dyn.org or noip.com but are currently not supported in this project. Links to some of these product's self-built solutions can be found below. +## TBD + +This needs to work with the Reverse Proxy configuration to make sure the hosts +file always has the latest IP address. + ## Afraid.org Version 2 Instructions 1. Install this project. diff --git a/Config/ReverseProxy/README.md b/Config/ReverseProxy/README.md index 0a58732..b233acb 100644 --- a/Config/ReverseProxy/README.md +++ b/Config/ReverseProxy/README.md @@ -1,3 +1,8 @@ +# TBD + +This needs to work with the Dynamic DNS configuration to make sure the hosts +file always has the latest IP address. + # Initial Setup Instructions How to first begin using this subproject. 1. Move to the directory of this README. From 7071a8b47cabde4e1c7d87af83d827de052bc047 Mon Sep 17 00:00:00 2001 From: Hyperling Date: Thu, 2 Jan 2025 11:08:15 -0700 Subject: [PATCH 2/8] Add lines necessary to upload files for releases. --- Config/ReverseProxy/config/conf.d/git.example.com | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Config/ReverseProxy/config/conf.d/git.example.com b/Config/ReverseProxy/config/conf.d/git.example.com index 5559cc5..6e07e1f 100644 --- a/Config/ReverseProxy/config/conf.d/git.example.com +++ b/Config/ReverseProxy/config/conf.d/git.example.com 
@@ -48,6 +48,10 @@ server { root /etc/nginx/letsencrypt/; } + # Allow decent sized uploads. + client_max_body_size 0; + client_body_buffer_size 100M; + # Send traffic to upstream server location / { ## General format is PROTOCOL://SERVER:PORT. From 7f8bb2fe7a99a4b806eb24badad5f22f4af5e017 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 2 Jan 2025 12:36:40 -0700 Subject: [PATCH 3/8] Add example file for Nextcloud. --- .../config/conf.d/cloud.example.com | 76 +++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 Config/ReverseProxy/config/conf.d/cloud.example.com diff --git a/Config/ReverseProxy/config/conf.d/cloud.example.com b/Config/ReverseProxy/config/conf.d/cloud.example.com new file mode 100644 index 0000000..3bad7aa --- /dev/null +++ b/Config/ReverseProxy/config/conf.d/cloud.example.com 
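Review bot: `client_max_body_size 0;` does not allow "decent sized" uploads, it switches the request-body limit off for the whole server block. `client_body_buffer_size 100M;` also lets each request keep up to 100 MB of body in memory before nginx spools to a temp file, so a few concurrent large POSTs can exhaust the proxy's RAM. A bounded limit sized to the largest expected release asset keeps uploads working, for example `client_max_body_size <MAX_RELEASE_SIZE>;` with the `client_body_buffer_size` line dropped or kept in the kilobyte range. Placing both directives in the upload `location` rather than at server level would narrow the exposure further. The server block starts and ends outside this hunk.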
@@ -0,0 +1,76 @@
+# 2025-01-02 Hyperling
+# A dummy test file since true scripts are being kept private.
+# This should help others understand how to get Nextcloud working.
+
+## Instructions ##
+# Add this without the comment to your /etc/hosts to test that it is working,
+# YOUR_DOCKER_SERVER_IP cloud.example.com
+# If testing locally on a workstation,
+# 127.0.0.1 cloud.example.com
+# Then to test, first start the container,
+# cd $DOCKER_HOME/Config/ReverseProxy && docker compose build && docker compose up -d
+# Then from the system with the modified /etc/hosts,
+# curl --insecure cloud.example.com
+# You should see activity in the container log as well as the contents of the
+# proxied website in the terminal, NOT cloud.example.com. If using a browser then you
+# should notice that the URL is still cloud.example.com but the website is correct.
+
+server {
+ listen 80;
+ server_name cloud.example.com;
+
+ location /.well-known/acme-challenge/ {
+ default_type "text/plain";
+ root /etc/nginx/letsencrypt/;
+ }
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ listen 443 ssl;
+ server_name cloud.example.com;
+
+ ssl_certificate /etc/nginx/certs/cloud.example.com/fullchain.pem; # managed by Certbot
+ ssl_certificate_key /etc/nginx/certs/cloud.example.com/privkey.pem; # managed by Certbot
+
+ # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#nginx
+ rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
+ rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;
+
+ location /.well-known/acme-challenge/ {
+ default_type "text/plain";
+ root /etc/nginx/letsencrypt/;
+ }
+
+ # Attempt to make OnlyOffice work both internally and externally.
+ # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $proxy_connection;
+ proxy_set_header X-Forwarded-Host $http_host/office;
+
+ # Send traffic to upstream server
+ location / {
+ expires epoch;
+ add_header Pragma public;
+ add_header Cache-Control "private, no-store";
+ add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload";
+
+ # Fix upload errors (HTTP Error: Request Entity Too Large).
+ client_max_body_size 0;
+ client_body_buffer_size 100M;
+
+ # Attempt to make OnlyOffice work both internally and externally.
+ # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.asp
+ proxy_pass_header Server;
+ proxy_pass http://hyperling-cloud;
+ }
+
+ # Attempt to make OnlyOffice work both internally and externally.
+ # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
+ location /office/ {
+ proxy_pass http://hyperling-office-http;
+ }
+}
From 8f5c987b739c02827b4a60920fa1c2649c7aa012 Mon Sep 17 00:00:00 2001
From: Hyperling
Date: Thu, 2 Jan 2025 12:39:29 -0700
Subject: [PATCH 4/8] revert 7f8bb2fe7a99a4b806eb24badad5f22f4af5e017 Revert change by root.
---
.../config/conf.d/cloud.example.com | 76 -------------------
1 file changed, 76 deletions(-)
delete mode 100644 Config/ReverseProxy/config/conf.d/cloud.example.com
diff --git a/Config/ReverseProxy/config/conf.d/cloud.example.com b/Config/ReverseProxy/config/conf.d/cloud.example.com
deleted file mode 100644
index 3bad7aa..0000000
--- a/Config/ReverseProxy/config/conf.d/cloud.example.com
+++ /dev/null
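Review bot: The three `proxy_set_header` lines sit at server level, so `location /` inherits them and every request proxied to `hyperling-cloud` carries an `X-Forwarded-Host` made of the client-supplied Host plus `/office`, while the original Host, `X-Forwarded-For` and `X-Forwarded-Proto` are never forwarded. Nextcloud would then see the proxy's address as the client on every request, which presumably undermines its per-IP login throttling and leaves its access logs of little use during an investigation; the OnlyOffice headers belong inside `location /office/` and the client-identity headers inside `location /`. Separately, `$proxy_connection` is not a built-in nginx variable, so unless a `map $http_upgrade $proxy_connection` is defined in a file not shown here, `nginx -t` will reject this config. The same file is added again unchanged as nextcloud.example.com in PATCH 5/8.

```nginx
# … unchanged: listen, server_name, certificates, rewrites, acme-challenge location …

location / {
    # … unchanged: expires, add_header and client body settings …
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass_header Server;
    proxy_pass http://hyperling-cloud;
}

location /office/ {
    # OnlyOffice-only headers, scoped here so the Nextcloud upstream never receives them.
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $proxy_connection;  # requires a map in http context
    proxy_set_header X-Forwarded-Host $http_host/office;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://hyperling-office-http;
}
```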
@@ -1,76 +0,0 @@
-# 2025-01-02 Hyperling
-# A dummy test file since true scripts are being kept private.
-# This should help others understand how to get Nextcloud working.
-
-## Instructions ##
-# Add this without the comment to your /etc/hosts to test that it is working,
-# YOUR_DOCKER_SERVER_IP cloud.example.com
-# If testing locally on a workstation,
-# 127.0.0.1 cloud.example.com
-# Then to test, first start the container,
-# cd $DOCKER_HOME/Config/ReverseProxy && docker compose build && docker compose up -d
-# Then from the system with the modified /etc/hosts,
-# curl --insecure cloud.example.com
-# You should see activity in the container log as well as the contents of the
-# proxied website in the terminal, NOT cloud.example.com. If using a browser then you
-# should notice that the URL is still cloud.example.com but the website is correct.
-
-server {
- listen 80;
- server_name cloud.example.com;
-
- location /.well-known/acme-challenge/ {
- default_type "text/plain";
- root /etc/nginx/letsencrypt/;
- }
-
- location / {
- return 301 https://$host$request_uri;
- }
-}
-
-server {
- listen 443 ssl;
- server_name cloud.example.com;
-
- ssl_certificate /etc/nginx/certs/cloud.example.com/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/nginx/certs/cloud.example.com/privkey.pem; # managed by Certbot
-
- # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#nginx
- rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
- rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;
-
- location /.well-known/acme-challenge/ {
- default_type "text/plain";
- root /etc/nginx/letsencrypt/;
- }
-
- # Attempt to make OnlyOffice work both internally and externally.
- # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $proxy_connection;
- proxy_set_header X-Forwarded-Host $http_host/office;
-
- # Send traffic to upstream server
- location / {
- expires epoch;
- add_header Pragma public;
- add_header Cache-Control "private, no-store";
- add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload";
-
- # Fix upload errors (HTTP Error: Request Entity Too Large).
- client_max_body_size 0;
- client_body_buffer_size 100M;
-
- # Attempt to make OnlyOffice work both internally and externally.
- # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.asp
- proxy_pass_header Server;
- proxy_pass http://hyperling-cloud;
- }
-
- # Attempt to make OnlyOffice work both internally and externally.
- # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
- location /office/ {
- proxy_pass http://hyperling-office-http;
- }
-}
From c2667399ea18427b8965a0ee2473c97e458c24c6 Mon Sep 17 00:00:00 2001
From: Hyperling
Date: Thu, 2 Jan 2025 12:46:26 -0700
Subject: [PATCH 5/8] Add example file for Nextcloud.
---
.../config/conf.d/nextcloud.example.com | 76 +++++++++++++++++++
1 file changed, 76 insertions(+)
create mode 100644 Config/ReverseProxy/config/conf.d/nextcloud.example.com
diff --git a/Config/ReverseProxy/config/conf.d/nextcloud.example.com b/Config/ReverseProxy/config/conf.d/nextcloud.example.com
new file mode 100644
index 0000000..3bad7aa
--- /dev/null
+++ b/Config/ReverseProxy/config/conf.d/nextcloud.example.com
@@ -0,0 +1,76 @@
+# 2025-01-02 Hyperling
+# A dummy test file since true scripts are being kept private.
+# This should help others understand how to get Nextcloud working.
+
+## Instructions ##
+# Add this without the comment to your /etc/hosts to test that it is working,
+# YOUR_DOCKER_SERVER_IP cloud.example.com
+# If testing locally on a workstation,
+# 127.0.0.1 cloud.example.com
+# Then to test, first start the container,
+# cd $DOCKER_HOME/Config/ReverseProxy && docker compose build && docker compose up -d
+# Then from the system with the modified /etc/hosts,
+# curl --insecure cloud.example.com
+# You should see activity in the container log as well as the contents of the
+# proxied website in the terminal, NOT cloud.example.com. If using a browser then you
+# should notice that the URL is still cloud.example.com but the website is correct.
+
+server {
+ listen 80;
+ server_name cloud.example.com;
+
+ location /.well-known/acme-challenge/ {
+ default_type "text/plain";
+ root /etc/nginx/letsencrypt/;
+ }
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ listen 443 ssl;
+ server_name cloud.example.com;
+
+ ssl_certificate /etc/nginx/certs/cloud.example.com/fullchain.pem; # managed by Certbot
+ ssl_certificate_key /etc/nginx/certs/cloud.example.com/privkey.pem; # managed by Certbot
+
+ # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#nginx
+ rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
+ rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;
+
+ location /.well-known/acme-challenge/ {
+ default_type "text/plain";
+ root /etc/nginx/letsencrypt/;
+ }
+
+ # Attempt to make OnlyOffice work both internally and externally.
+ # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $proxy_connection; + proxy_set_header X-Forwarded-Host $http_host/office; + + # Send traffic to upstream server + location / { + expires epoch; + add_header Pragma public; + add_header Cache-Control "private, no-store"; + add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"; + + # Fix upload errors (HTTP Error: Request Entity Too Large). + client_max_body_size 0; + client_body_buffer_size 100M; + + # Attempt to make OnlyOffice work both internally and externally. + # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.asp + proxy_pass_header Server; + proxy_pass http://hyperling-cloud; + } + + # Attempt to make OnlyOffice work both internally and externally. + # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx + location /office/ { + proxy_pass http://hyperling-office-http; + } +} From 486cd7cf21804751362f9c2e20cf73376fd8bcfc Mon Sep 17 00:00:00 2001 From: Hyperling Date: Fri, 3 Jan 2025 07:59:46 -0700 Subject: [PATCH 6/8] Update project to use new Gitea server. --- Config/DynamicDNS/README.md | 2 +- Config/Hyperling.com/Dockerfile | 2 +- README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Config/DynamicDNS/README.md b/Config/DynamicDNS/README.md index 98222ac..9231dfc 100644 --- a/Config/DynamicDNS/README.md +++ b/Config/DynamicDNS/README.md @@ -15,7 +15,7 @@ file always has the latest IP address. 1. Install this project. ``` - git clone https://github.com/Hyperling/docker $PROJECT_DIR + git clone https://git.hyperling.com/me/env-docker $PROJECT_DIR ``` 1. Add your user key to `$PROJECT_DIR/Config/DynamicDNS/private.key`. The key can diff --git a/Config/Hyperling.com/Dockerfile b/Config/Hyperling.com/Dockerfile index bda16db..9459726 100644 --- a/Config/Hyperling.com/Dockerfile +++ b/Config/Hyperling.com/Dockerfile 
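Review bot: The file is now named nextcloud.example.com, but the header instructions, both `server_name` directives and the certificate paths inside it still say cloud.example.com, so a reader who derives the hostname from the file name will add a hosts entry and request a certificate that this config never matches. A one-line header comment would settle it, e.g. `# Replace cloud.example.com below (server_name, certificate paths, /etc/hosts) with your own hostname.` The test command `curl --insecure cloud.example.com` has no scheme, so it reaches the port-80 server and gets the 301 rather than the proxied site the comment promises; `curl --insecure --location https://cloud.example.com` matches the described result. One of the three OnlyOffice reference URLs ends in `.asp` while the other two end in `.aspx`.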
@@ -17,7 +17,7 @@ RUN npm install # Install + Run Website CMD cd /var/www/api && \ rm -rfv pages main.js run.sh && \ - git clone https://github.com/Hyperling/Website website && \ + git clone https://git.hyperling.com/me/nodejs-website website && \ rm -rfv website/files && \ mv -v website/* ./ && \ rm -rfv website && \ diff --git a/README.md b/README.md index 439ea7e..291d81c 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ apt install git bash Clone the project. You may choose anywhere, but `/opt/Docker` is recommended. ``` -git clone https://github.com/Hyperling/Docker /opt/Docker +git clone https://git.hyperling.com/me/env-docker /opt/Docker ``` Load the environment variables from wherever you chose to put the project. From 1cbda3f57a9a9ff3742bab39e0d3f944ec4fd7b7 Mon Sep 17 00:00:00 2001 From: Hyperling Date: Fri, 3 Jan 2025 08:36:43 -0700 Subject: [PATCH 7/8] Remove TBDs, using hostname instead of IP address is not throwing any errors. --- Config/DynamicDNS/README.md | 5 ----- Config/ReverseProxy/README.md | 5 ----- 2 files changed, 10 deletions(-) diff --git a/Config/DynamicDNS/README.md b/Config/DynamicDNS/README.md index 9231dfc..10769e6 100644 --- a/Config/DynamicDNS/README.md +++ b/Config/DynamicDNS/README.md @@ -5,11 +5,6 @@ dynamic DNS provider. Similar may be possible with sites such as dyn.org or noip.com but are currently not supported in this project. Links to some of these product's self-built solutions can be found below. -## TBD - -This needs to work with the Reverse Proxy configuration to make sure the hosts -file always has the latest IP address. - ## Afraid.org Version 2 Instructions 1. Install this project. diff --git a/Config/ReverseProxy/README.md b/Config/ReverseProxy/README.md index b233acb..0a58732 100644 --- a/Config/ReverseProxy/README.md +++ b/Config/ReverseProxy/README.md 
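Review bot: The `git clone` in this CMD runs at every container start and takes whatever the default branch of `git.hyperling.com/me/nodejs-website` holds at that moment, so the code the container ends up with is decided by the live state of the Git server rather than by the built image. Pointing it at the self-hosted Gitea makes that server, and the reverse proxy and DNS record in front of it, part of the website's trust chain. Pinning the clone to a reviewed ref, e.g. `git clone --branch <RELEASE_TAG> --depth 1 https://git.hyperling.com/me/nodejs-website website && \`, keeps a tampered or half-pushed branch from going live on the next restart. The CMD continues past the end of this hunk, so how the cloned code is started is not visible here.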
@@ -1,8 +1,3 @@ -# TBD - -This needs to work with the Dynamic DNS configuration to make sure the hosts -file always has the latest IP address. - # Initial Setup Instructions How to first begin using this subproject. 1. Move to the directory of this README. From 88b76522ae8419b4b28d889231587c19de23ae13 Mon Sep 17 00:00:00 2001 From: Hyperling Date: Fri, 3 Jan 2025 10:47:17 -0700 Subject: [PATCH 8/8] Allow running stage environments without adding to the project. --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 91f2e4f..db6be12 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,6 @@ docker-compose.yml # 2024-01-24 Hide static files for Hyperling.com. Config/Hyperling.com/files/* + +# Ignore things like Config/Hyperling.com-Stage/ +*-Stage