44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
# 2022-10-05 Hyperling
|
|
# Reverse Proxy with LetsEncrypt Certbot.
|
|
# This is a revised version of these works:
|
|
# https://phoenixnap.com/kb/docker-nginx-reverse-proxy
|
|
# https://www.docker.com/blog/how-to-use-the-official-nginx-docker-image/
|
|
# https://pentacent.medium.com/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71
|
|
|
|
services:
|
|
|
|
app:
|
|
container_name: rp-app
|
|
build:
|
|
context: ./
|
|
network: host
|
|
restart: always
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ../../Volumes/ReverseProxy/letsencrypt:/etc/nginx/letsencrypt
|
|
- ../../Volumes/ReverseProxy/letsencrypt-certs:/etc/nginx/certs
|
|
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
|
|
deploy:
|
|
mode: global
|
|
resources:
|
|
limits:
|
|
cpus: $CPU
|
|
memory: $MEM
|
|
|
|
certbot:
|
|
container_name: rp-certbot
|
|
image: certbot/certbot
|
|
restart: always
|
|
volumes:
|
|
- ../../Volumes/ReverseProxy/letsencrypt:/etc/letsencrypt
|
|
- ../../Volumes/ReverseProxy/letsencrypt-certs:/etc/letsencrypt/nginx
|
|
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; cp -rL /etc/letsencrypt/live/* /etc/letsencrypt/nginx/; sleep 12h & wait $${!}; done;'"
|
|
deploy:
|
|
mode: global
|
|
resources:
|
|
limits:
|
|
cpus: $CPU_LE
|
|
memory: $MEM_LE
|