fergalmoran/dss.docker
1
0
Fork 0
mirror of https://github.com/fergalmoran/dss.docker.git synced 2025-12-22 01:08:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added letsencrypt

Browse Source
This commit is contained in:
Ubuntu
2017-03-03 19:35:21 +00:00
parent a6b2303a46
commit d1f3fa2d2e
2 changed files with 45 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
docker-compose.yml
View File

@@ -5,7 +5,7 @@ data:
- /var/lib/postgresql - /var/lib/postgresql
command: /bin/true command: /bin/true
postgres: db:
restart: "always" restart: "always"
image: postgres:9.4 image: postgres:9.4
volumes_from: volumes_from:
@@ -14,6 +14,7 @@ postgres:
- "5432:5432" - "5432:5432"
rabbitmq: rabbitmq:
restart: "always"
image: tutum/rabbitmq image: tutum/rabbitmq
environment: environment:
- RABBITMQ_PASS=wZ59kFTJZN8YQ - RABBITMQ_PASS=wZ59kFTJZN8YQ
@@ -23,37 +24,24 @@ rabbitmq:
- "15672:15672" - "15672:15672"
redis: redis:
restart: "always"
image: redis image: redis
api: #icecast:
image: fergalmoran/dss.api # build: ./icecast/
volumes: # volumes:
- /files # - ./logs:/var/log/icecast2
ports: # - /etc/localtime:/etc/localtime:ro
- "8001:8001" # environment:
env_file: # - ICECAST_SOURCE_PASSWORD=RDzNlgqmj67vk
- ./api_env # - ICECAST_ADMIN_PASSWORD=CrVuP5evoJZ0
links: # - ICECAST_RELAY_PASSWORD=9PmUbI1mLne9o
- postgres # ports:
- redis # - 8000:8000
# - icecast
- rabbitmq
command: ./run_web.sh
icecast:
build: ./icecast/
volumes:
- ./logs:/var/log/icecast2
- /etc/localtime:/etc/localtime:ro
environment:
- ICECAST_SOURCE_PASSWORD=RDzNlgqmj67vk
- ICECAST_ADMIN_PASSWORD=CrVuP5evoJZ0
- ICECAST_RELAY_PASSWORD=9PmUbI1mLne9o
ports:
- 8000:8000
api: api:
image: fergalmoran/dss.api restart: "always"
image: fergalmoran/dss.api:latest
volumes: volumes:
- /files - /files
ports: ports:
@@ -61,33 +49,37 @@ api:
env_file: env_file:
- ./api_env - ./api_env
links: links:
- "postgres:postgres" - "db:db"
- "redis:redis" - "redis:redis"
- "icecast:icecast" # - "icecast:icecast"
- "rabbitmq:rabbitmq" - "rabbitmq:rabbitmq"
command: ./run_web.sh command: ./run_web.sh
celery: celery:
restart: "always"
image: fergalmoran/dss.api image: fergalmoran/dss.api
env_file: env_file:
- ./api_env - ./api_env
volumes_from: volumes_from:
- api - api
links: links:
- "postgres:postgres" - "db:db"
- "redis:redis" - "redis:redis"
- "rabbitmq:rabbitmq" - "rabbitmq:rabbitmq"
command: ./run_celery.sh command: ./run_celery.sh
web: web:
restart: "always"
image: fergalmoran/dss.web image: fergalmoran/dss.web
volumes:
- /app/dist/public/assets
env_file: env_file:
- ./web_env - ./web_env
restart: "always" restart: "always"
links: links:
- "redis:redis" - "redis:redis"
ports: ports:
- "8080:8080" - "8088:8088"
#icecast: #icecast:
# build: ./icecast/ # build: ./icecast/
@@ -122,6 +114,9 @@ nginx:
- "web:web" - "web:web"
# - "icecast:icecast" # - "icecast:icecast"
# - "radio:radio" # - "radio:radio"
volumes:
- /etc/letsencrypt:/etc/letsencrypt
restart: "always"
volumes_from: volumes_from:
- api - api
- web

22
nginx/sites-enabled/deepsouthsounds.com
View File

@@ -5,8 +5,11 @@ server {
server_name deepsouthsounds.com ext-test.deepsouthsounds.com www.deepsouthsounds.com; server_name deepsouthsounds.com ext-test.deepsouthsounds.com www.deepsouthsounds.com;
root /files/static/; root /files/static/;
ssl_certificate /etc/nginx/ssl/dss.crt; ssl_certificate /etc/letsencrypt/live/deepsouthsounds.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/dss.key; ssl_certificate_key /etc/letsencrypt/live/deepsouthsounds.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
if ($ssl_protocol = "") { if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;
@@ -25,6 +28,12 @@ server {
location /media { location /media {
alias /files/media; alias /files/media;
} }
location /assets {
alias /app/dist/public/assets;
}
location /images {
alias /app/dist/public/assets/images;
}
location / { location / {
if ($request_filename ~* ^.*?/([^/]*?)$) { if ($request_filename ~* ^.*?/([^/]*?)$) {
set $filename $1; set $filename $1;
@@ -32,7 +41,7 @@ server {
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){ if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){
add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Origin *;
} }
proxy_pass http://web:8080; proxy_pass http://web:8088;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -47,8 +56,11 @@ server {
server_name api.deepsouthsounds.com api-test.deepsouthsounds.com; server_name api.deepsouthsounds.com api-test.deepsouthsounds.com;
client_max_body_size 0; client_max_body_size 0;
ssl_certificate /etc/nginx/ssl/api.crt; ssl_certificate /etc/letsencrypt/live/api.deepsouthsounds.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/api.key; ssl_certificate_key /etc/letsencrypt/live/api.deepsouthsounds.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
if ($ssl_protocol = "") { if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;