add nginx

Quentin 2023-02-21 14:49:04 +00:00
parent 5f9592255e
commit 22d665bbe1
5 changed files with 142 additions and 25 deletions


@ -5,11 +5,18 @@ if you are reading this file years later,
it is very probably obsolete.
based on:
- Nginx as the reverse proxy (would be tricot in production)
- Gitea: https://github.com/superboum/gitea
- Teabag: https://github.com/denyskon/teabag
- Static CMS: https://www.staticcms.org/
- Drone: https://github.com/harness/drone
- Garage: git.deuxfleurs.fr/Deuxfleurs/garage/
- Garage: https://git.deuxfleurs.fr/Deuxfleurs/garage/
## Launch the reverse proxy
```
docker-compose up -d reverse
```
## Install Gitea


@ -1,21 +1,29 @@
version: "3.4"
services:
server:
reverse:
image: nginx:1.23.3
container_name: reverse
restart: always
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- "80:80"
gitea:
# Patched image required for Gitea version < 1.19
image: superboum/gitea:1.17.4-cors
container_name: gitea
network_mode: host
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__cors__ENABLED =true
- GITEA__cors__ALLOW_DOMAIN =*
- GITEA__cors__ALLOW_CREDENTIALS =true
- GITEA__cors__SCHEME =*
- GITEA__cors__METHODS =GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
- GITEA__cors__ENABLED=true
- GITEA__cors__ALLOW_DOMAIN=*
- GITEA__cors__ALLOW_CREDENTIALS=true
- GITEA__cors__SCHEME=*
- GITEA__cors__METHODS=GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
# Ignored in Gitea version < 1.19, see image comment above
- GITEA__cors__HEADERS =Content-Type,User-Agent,Authorization
- GITEA__cors__HEADERS=Content-Type,User-Agent,Authorization
# HTTP hooks
- GITEA__webhook__ALLOWED_HOST_LIST=*
restart: always
@ -24,42 +32,34 @@ services:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:22"
teabag:
image: ghcr.io/denyskon/teabag:latest
container_name: teabag
restart: always
network_mode: host
volumes:
- ./teabag.env:/etc/teabag/teabag.env
ports:
- "3001:3001"
drone:
image: drone/drone:2
container_name: drone
network_mode: host
restart: always
environment:
- DRONE_GITEA_CLIENT_ID=2ede47ba-c943-48ad-8f7b-987df45983ee
- DRONE_GITEA_CLIENT_SECRET=gto_vvj5e4fjvg6s3zeu4plgolvx2erowjvcp5bzhfo4c76v7bn466pa
- DRONE_GITEA_SERVER=http://localhost:3000
- DRONE_GITEA_SERVER=http://git.vimaire.machine.dufour.io
- DRONE_RPC_SECRET=EJPRnOcjAoKxAShyBTdeDX4GSHRUX4FzuIJKohTEw10=
- DRONE_SERVER_HOST=localhost:3002
- DRONE_SERVER_HOST=drone.vimaire.machine.dufour.io
- DRONE_SERVER_PROTO=http
- DRONE_SERVER_PORT=:3002
ports:
- "3002:3002"
runner:
image: drone/drone-runner-docker:1
container_name: runner
network_mode: host
restart: always
environment:
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=localhost:3002
- DRONE_RPC_HOST=drone.vimaire.machine.dufour.io
- DRONE_RPC_SECRET=EJPRnOcjAoKxAShyBTdeDX4GSHRUX4FzuIJKohTEw10=
- DRONE_RUNNER_CAPACITY=1
- DRONE_RUNNER_NAME=dummy
@ -70,7 +70,6 @@ services:
garage:
image: dxflrs/garage:v0.8.1
container_name: garage
network_mode: host
restart: always
volumes:
- ./garage.toml:/etc/garage.toml
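Review bot: `DRONE_RPC_SECRET` and `DRONE_GITEA_CLIENT_SECRET` remain literal values in the `drone` and `runner` services, while the hostname variants of `DRONE_GITEA_SERVER`, `DRONE_SERVER_HOST` and `DRONE_RPC_HOST` move the traffic they authenticate off `localhost` and onto plain `http` through the port-80 proxy. This page does not mark which of each printed pair is the new line, so this assumes the hostname variants are. I would switch to interpolation such as `- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}` with the value in an untracked `.env`, and rotate the values already committed. The same applies to `rpc_secret` in the garage.toml hunk header and to `SESSION_SECRET` / `GITEA_SECRET` in the teabag.env section. Separately, the new `reverse` service mounts its config writable; `- ./nginx.conf:/etc/nginx/nginx.conf:ro` is enough for nginx to read it.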


@ -11,11 +11,11 @@ rpc_secret = "9ec6d97e54b2a55e939f0ba761ba565595691f0d42eb6511f4cb6cb69e906cad"
[s3_api]
s3_region = "garage"
api_bind_addr = "[::]:3900"
root_domain = ".s3.localhost"
root_domain = ".s3.vimaire.machine.dufour.io"
[s3_web]
bind_addr = "[::]:3902"
root_domain = ".web.localhost"
root_domain = ".web.vimaire.machine.dufour.io"
index = "index.html"
[k2v_api]

111
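--- a/nginx.conf
+++ b/nginx.conf
@@ -0,0 +1,111 @@
+# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/
+error_log /dev/stderr info;
+events {}
+http {
+##
+# Basic Settings
+##
+sendfile on;
+tcp_nopush on;
+tcp_nodelay on;
+keepalive_timeout 65;
+types_hash_max_size 2048;
+# mimetypes, required by jitsi!
+include /etc/nginx/mime.types;
+default_type application/octet-stream;
+##
+# SSL Settings
+##
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ssl_prefer_server_ciphers on;
+##
+# Gzip Settings
+##
+gzip on;
+access_log /dev/stdout;
+server_names_hash_bucket_size 64;
+server {
+listen 80;
+client_max_body_size 0;
+server_name git.vimaire.machine.dufour.io;
+location / {
+set $upstream http://gitea:3000;
+proxy_pass $upstream;
+proxy_set_header X-Forwarded-For $remote_addr;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $host;
+}
+}
+server {
+listen 80;
+client_max_body_size 0;
+server_name teabag.vimaire.machine.dufour.io;
+location / {
+set $upstream http://teabag:3001;
+proxy_pass $upstream;
+proxy_set_header X-Forwarded-For $remote_addr;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $host;
+}
+}
+server {
+listen 80;
+client_max_body_size 0;
+server_name drone.vimaire.machine.dufour.io;
+location / {
+set $upstream http://drone:3002;
+proxy_pass $upstream;
+proxy_set_header X-Forwarded-For $remote_addr;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $host;
+}
+}
+server {
+listen 80;
+client_max_body_size 0;
+server_name *.web.vimaire.machine.dufour.io;
+location / {
+set $upstream http://garage:3002;
+proxy_pass $upstream;
+proxy_set_header X-Forwarded-For $remote_addr;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $host;
+}
+}
+server {
+listen 80;
+client_max_body_size 0;
+server_name *.s3.vimaire.machine.dufour.io;
+location / {
+set $upstream http://garage:3900;
+proxy_pass $upstream;
+proxy_set_header X-Forwarded-For $remote_addr;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $host;
+}
+}
+}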
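Review bot: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` in the "SSL Settings" block enables the deprecated TLS 1.0/1.1 and leaves out 1.3. It has no effect while every server only has `listen 80`, but it becomes the effective policy once a TLS listener is added, so I would write `ssl_protocols TLSv1.2 TLSv1.3;` now. No server is marked as default, so a request with an unmatched `Host` falls through to the first block (the `git.` vhost); a catch-all such as `server { listen 80 default_server; return 444; }` avoids that. Each `location /` proxies through a variable (`proxy_pass $upstream`), which makes nginx resolve the container name at request time, yet the file defines no `resolver`. Inside a Compose network that would normally be `resolver 127.0.0.11;` in the `http` block.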


@ -4,8 +4,8 @@ SESSION_SECRET=uLCe67uvUpaI/U3c0yBzzFxJliY80BQHU/l9FZrkN38=
GITEA_KEY=968c9d5a-8b4e-4091-b48d-cc5d0888680d
GITEA_SECRET=gto_65p4gglq5au4mtvtpq7xcnlyonfyvphlwixhhkni6aql5yd3ovcq
GITEA_BASE_URL=http://localhost:3000
GITEA_BASE_URL=http://git.vimaire.machine.dufour.io
GITEA_AUTH_URI=login/oauth/authorize
GITEA_TOKEN_URI=login/oauth/access_token
GITEA_USER_URI=api/v1/user
CALLBACK_URI=http://localhost:3001/callback
CALLBACK_URI=http://teabag.vimaire.machine.dufour.io/callback
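Review bot: The hostname values of `GITEA_BASE_URL` and `CALLBACK_URI` keep the `http://` scheme. The OAuth authorization code delivered to `/callback` and the token exchange against `login/oauth/access_token` would therefore travel unencrypted whenever those names resolve to anything other than loopback. Once the proxy terminates TLS, both should use `https://`, e.g. `CALLBACK_URI=https://teabag.vimaire.machine.dufour.io/callback`, with the matching redirect URI updated in the Gitea OAuth application. This page does not mark which line of each printed pair is the new one; this note assumes the hostname variants are.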