Addresses comments in PR. Fixes typo in docker-compose. Changes mount of static files to RO. Adds example and brief explaination for haproxy certificates. Fixes whitespaces in nginx.conf
This commit is contained in:
parent
7f0b52e9e1
commit
2793e24b5b
@ -22,4 +22,5 @@ HAproxy, unlike Apache, Nginx and others, does not provide you with a webserver
|
|||||||
|
|
||||||
* Build the Docker image. `docker build -t local/nginx .`
|
* Build the Docker image. `docker build -t local/nginx .`
|
||||||
* Start the container. `docker-compose up -d`. Note that if you want to run Nginx on a different port, you will have to change the port both in the `docker-compose.yml` and in `haproxy.cfg`.
|
* Start the container. `docker-compose up -d`. Note that if you want to run Nginx on a different port, you will have to change the port both in the `docker-compose.yml` and in `haproxy.cfg`.
|
||||||
|
* If you don't want to use a wildcard certificate, you will need to modify the corresponding line in the HTTPS frontent and add the paths of all the specific certificates (as for the commented example in `haproxy.cfg`).
|
||||||
* Start HAproxy with the proposed configuration.
|
* Start HAproxy with the proposed configuration.
|
@ -1,8 +1,8 @@
|
|||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
neginx:
|
nginx:
|
||||||
image: local/nginx
|
image: local/nginx
|
||||||
ports:
|
ports:
|
||||||
- 40888:80
|
- 40888:80
|
||||||
volumes:
|
volumes:
|
||||||
- /matrix/static-files:/var/www/:rw
|
- /matrix/static-files:/var/www/:ro
|
||||||
|
@ -39,6 +39,7 @@ frontend https-frontend
|
|||||||
# HAproxy wants the full chain and the private key in one file. For Letsencrypt manually generated certs (e.g., wildcard certs) you can use
|
# HAproxy wants the full chain and the private key in one file. For Letsencrypt manually generated certs (e.g., wildcard certs) you can use
|
||||||
# cat /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem > /etc/haproxy/certs/star-example.com.pem
|
# cat /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem > /etc/haproxy/certs/star-example.com.pem
|
||||||
bind *:443 ssl crt /etc/haproxy/certs/star-example.com.pem
|
bind *:443 ssl crt /etc/haproxy/certs/star-example.com.pem
|
||||||
|
#bind *:443 ssl crt /etc/haproxy/certs/riot.example.com.pem /etc/haproxy/certs/matrix.example.com.pem
|
||||||
reqadd X-Forwarded-Proto:\ https
|
reqadd X-Forwarded-Proto:\ https
|
||||||
option httplog
|
option httplog
|
||||||
option http-server-close
|
option http-server-close
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
|
|
||||||
daemon off;
|
daemon off;
|
||||||
|
|
||||||
events {
|
events {
|
||||||
@ -12,7 +11,5 @@ http {
|
|||||||
listen 80;
|
listen 80;
|
||||||
index index.html;
|
index index.html;
|
||||||
root /var/www;
|
root /var/www;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user