fergalmoran/dss.docker
1
0
Fork 0
mirror of https://github.com/fergalmoran/dss.docker.git synced 2025-12-22 01:08:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added letsencrypt

Browse Source
This commit is contained in:
Ubuntu
2017-03-03 19:35:21 +00:00
parent a6b2303a46
commit d1f3fa2d2e
2 changed files with 45 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
docker-compose.yml
View File

@@ -5,7 +5,7 @@ data:
- /var/lib/postgresql
command: /bin/true
postgres:
db:
restart: "always"
image: postgres:9.4
volumes_from:
@@ -14,6 +14,7 @@ postgres:
- "5432:5432"
rabbitmq:
restart: "always"
image: tutum/rabbitmq
environment:
- RABBITMQ_PASS=wZ59kFTJZN8YQ
@@ -23,10 +24,24 @@ rabbitmq:
- "15672:15672"
redis:
restart: "always"
image: redis
#icecast:
# build: ./icecast/
# volumes:
# - ./logs:/var/log/icecast2
# - /etc/localtime:/etc/localtime:ro
# environment:
# - ICECAST_SOURCE_PASSWORD=RDzNlgqmj67vk
# - ICECAST_ADMIN_PASSWORD=CrVuP5evoJZ0
# - ICECAST_RELAY_PASSWORD=9PmUbI1mLne9o
# ports:
# - 8000:8000
api:
image: fergalmoran/dss.api
restart: "always"
image: fergalmoran/dss.api:latest
volumes:
- /files
ports:
@@ -34,60 +49,37 @@ api:
env_file:
- ./api_env
links:
- postgres
- redis
# - icecast
- rabbitmq
command: ./run_web.sh
icecast:
build: ./icecast/
volumes:
- ./logs:/var/log/icecast2
- /etc/localtime:/etc/localtime:ro
environment:
- ICECAST_SOURCE_PASSWORD=RDzNlgqmj67vk
- ICECAST_ADMIN_PASSWORD=CrVuP5evoJZ0
- ICECAST_RELAY_PASSWORD=9PmUbI1mLne9o
ports:
- 8000:8000
api:
image: fergalmoran/dss.api
volumes:
- /files
ports:
- "8001:8001"
env_file:
- ./api_env
links:
- "postgres:postgres"
- "db:db"
- "redis:redis"
- "icecast:icecast"
# - "icecast:icecast"
- "rabbitmq:rabbitmq"
command: ./run_web.sh
celery:
restart: "always"
image: fergalmoran/dss.api
env_file:
- ./api_env
volumes_from:
- api
links:
- "postgres:postgres"
- "db:db"
- "redis:redis"
- "rabbitmq:rabbitmq"
command: ./run_celery.sh
web:
restart: "always"
image: fergalmoran/dss.web
volumes:
- /app/dist/public/assets
env_file:
- ./web_env
restart: "always"
links:
- "redis:redis"
ports:
- "8080:8080"
- "8088:8088"
#icecast:
# build: ./icecast/
@@ -122,6 +114,9 @@ nginx:
- "web:web"
# - "icecast:icecast"
# - "radio:radio"
volumes:
- /etc/letsencrypt:/etc/letsencrypt
restart: "always"
volumes_from:
- api
- web

22
nginx/sites-enabled/deepsouthsounds.com
View File

@@ -5,8 +5,11 @@ server {
server_name deepsouthsounds.com ext-test.deepsouthsounds.com www.deepsouthsounds.com;
root /files/static/;
ssl_certificate /etc/nginx/ssl/dss.crt;
ssl_certificate_key /etc/nginx/ssl/dss.key;
ssl_certificate /etc/letsencrypt/live/deepsouthsounds.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/deepsouthsounds.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent;
@@ -25,6 +28,12 @@ server {
location /media {
alias /files/media;
}
location /assets {
alias /app/dist/public/assets;
}
location /images {
alias /app/dist/public/assets/images;
}
location / {
if ($request_filename ~* ^.*?/([^/]*?)$) {
set $filename $1;
@@ -32,7 +41,7 @@ server {
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){
add_header Access-Control-Allow-Origin *;
}
proxy_pass http://web:8080;
proxy_pass http://web:8088;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
@@ -47,8 +56,11 @@ server {
server_name api.deepsouthsounds.com api-test.deepsouthsounds.com;
client_max_body_size 0;
ssl_certificate /etc/nginx/ssl/api.crt;
ssl_certificate_key /etc/nginx/ssl/api.key;
ssl_certificate /etc/letsencrypt/live/api.deepsouthsounds.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.deepsouthsounds.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent;