Refactored proxy service

author Clifton Palmer <clifton.james.palmer@protonmail.com>

Tue, 31 Oct 2023 19:30:37 +0000 (14:30 -0500)

committer Clifton Palmer <clifton.james.palmer@protonmail.com>

Tue, 31 Oct 2023 20:28:19 +0000 (15:28 -0500)
author Clifton Palmer <clifton.james.palmer@protonmail.com>
Tue, 31 Oct 2023 19:30:37 +0000 (14:30 -0500)
committer Clifton Palmer <clifton.james.palmer@protonmail.com>
Tue, 31 Oct 2023 20:28:19 +0000 (15:28 -0500)
diff --git a/conf.d/gallery.conf b/conf.d/gallery.conf

new file mode 100644 (file)

index 0000000..ab755a4
--- /dev/null
+++ b/conf.d/gallery.conf
@@ -0,0 +1,11 @@
+server {
+    listen               443 ssl;
+    server_name          comics.purplebirdman.com;
+    ssl_certificate      /etc/ssl/certs/cert.pem;
+    ssl_certificate_key  /etc/ssl/certs/key.pem;
+
+    location / {
+        proxy_pass http://gallery_server;
+        proxy_set_header Host $host;
+    }
+}
diff --git a/deploy.sh b/deploy.sh

index 6e05b3cb0d2fdda49c0cab8d97ae73f2ad24af52..9e5489b1786c8ad14e0bc7fb40552494c274727f 100755 (executable)
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,2 +1,2 @@
  #!/bin/bash
  #!/bin/bash
-docker stack deploy -c <(docker-compose config) purplebirdman
+docker stack deploy -c <(docker-compose config) proxy
diff --git a/docker-compose.yml b/docker-compose.yml

index c3f14ed014dfe4d8ecdd33dcd3348696f90ef411..2a458367838303323b0100bb530cdd93df0a83a3 100644 (file)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,84 +1,23 @@
  # requires variable config loading, such as:
  # requires variable config loading, such as:
-# docker stack deploy -c <(docker-compose config) purplebirdman
+# docker stack deploy -c <(docker-compose config) proxy
  #
  # also needs an .env file with some variables!
  
  version: '3'
  networks:
  #
  # also needs an .env file with some variables!
  
  version: '3'
  networks:
-    go-backend:
-        driver: overlay
-services:
      proxy:
      proxy:
+        external: true
+services:
+    web-proxy:
          image: nginx:1.17
          volumes:
          image: nginx:1.17
          volumes:
-        - ./proxy/nginx.conf:/etc/nginx/nginx.conf
          - /etc/ssl/certs/purplebirdman/:/etc/ssl/certs/
          - /etc/ssl/certs/purplebirdman/:/etc/ssl/certs/
+        - ./nginx.conf:/etc/nginx/nginx.conf
+        - ./conf.d/:/etc/nginx/conf.d/
          environment:
          - NGINX_HOST=purplebirdman.com
          - NGINX_PORT=443
          ports:
          - 443:443
          environment:
          - NGINX_HOST=purplebirdman.com
          - NGINX_PORT=443
          ports:
          - 443:443
-        depends_on:
-        - purplebirdman
-        - kanboard
-        - public
-        - go-web
-    purplebirdman:
-        image: cjpalmer/purplebirdman:1.0.0
-    kanboard:
-        image: kanboard/kanboard:v1.2.26
-        volumes:
-        - kanboard_data:/var/www/app/data
-        - kanboard_plugins:/var/www/app/plugins
-        - kanboard_ssl:/etc/nginx/ssl
-    public:
-        image: cjpalmer/public:1.2.3
-        volumes:
-        - ${SHARE_ROOT}:/storage
-        - public_data:/usr/local/apache2/htdocs
-        - httpd_users:/usr/local/apache2/auth
-        environment:
-        - PUBLIC_ROOT_DIR=/storage
-        - PUBLIC_LINK_DIR=/usr/local/apache2/htdocs
-        - PUBLIC_FQDN_OVERRIDE=https://public.purplebirdman.com
-    db:
-        image: mariadb:10.6
-        environment:
-            MARIADB_ROOT_PASSWORD: admin
-            MARIADB_DATABASE: go
-            MARIADB_USER: socket
-            MARIADB_PASSWORD: socketpw
-        networks:
-        - go-backend
-    socket:
-        image: cjpalmer/go-socket:1.0.0
-        networks:
-        - go-backend
-        depends_on:
-        - db
-    go-web:
-        image: cjpalmer/go-web:1.0.0
          networks:
          networks:
-        - default
-        - go-backend
-        depends_on:
-        - socket
-volumes:
-    kanboard_data:
-        driver: local
-        driver_opts:
-            o: bind
-            type: none
-            device: /mnt/kanboard_data
-    kanboard_plugins:
-        driver: local
-    kanboard_ssl:
-        driver: local
-    public_data:
-        driver: local
-        driver_opts:
-            o: bind
-            type: none
-            device: /mnt/public_data
-    httpd_users:
-        driver: local
+        - proxy
diff --git a/nginx.conf b/nginx.conf

new file mode 100644 (file)

index 0000000..6c145ae
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,33 @@
+user  nginx;
+worker_processes  1;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    ssl_password_file /etc/ssl/certs/passphrase.txt;
+
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/proxy/nginx.conf b/proxy/nginx.conf

deleted file mode 100644 (file)

index 73ba402..0000000
--- a/proxy/nginx.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-worker_processes auto;
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    ssl_password_file /etc/ssl/certs/passphrase.txt;
-
-    server {
-        listen               443 ssl;
-        server_name          go.purplebirdman.com;
-        ssl_certificate      /etc/ssl/certs/cert.pem;
-        ssl_certificate_key  /etc/ssl/certs/key.pem;
-        location / {
-            proxy_pass http://go-web;
-            proxy_set_header Host $host;
-        }
-        location /ws {
-            proxy_pass http://go-web;
-            proxy_set_header Host $host;
-
-            # websocket magic
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-        }
-    }
-    server {
-        listen               443 ssl;
-        server_name          kanban.purplebirdman.com;
-        ssl_certificate      /etc/ssl/certs/cert.pem;
-        ssl_certificate_key  /etc/ssl/certs/key.pem;
-        client_max_body_size 20M;
-        location / {
-            proxy_pass http://kanboard;
-            proxy_set_header Host $host;
-        }
-    }
-    server {
-        listen               443 ssl;
-        server_name          public.purplebirdman.com;
-        ssl_certificate      /etc/ssl/certs/cert.pem;
-        ssl_certificate_key  /etc/ssl/certs/key.pem;
-        location / {
-            proxy_pass http://public;
-            proxy_set_header Host $host;
-        }
-    }
-    server {
-        listen               443 ssl;
-        server_name          purplebirdman.com;
-        ssl_certificate      /etc/ssl/certs/cert.pem;
-        ssl_certificate_key  /etc/ssl/certs/key.pem;
-        location / {
-            proxy_pass http://purplebirdman;
-            proxy_set_header Host $host;
-        }
-    }
-}
author	Clifton Palmer <clifton.james.palmer@protonmail.com>
	Tue, 31 Oct 2023 19:30:37 +0000 (14:30 -0500)
committer	Clifton Palmer <clifton.james.palmer@protonmail.com>
	Tue, 31 Oct 2023 20:28:19 +0000 (15:28 -0500)
conf.d/gallery.conf	[new file with mode: 0644]	patch \| blob
deploy.sh		patch \| blob \| history
docker-compose.yml		patch \| blob \| history
nginx.conf	[new file with mode: 0644]	patch \| blob
proxy/nginx.conf	[deleted file]	patch \| blob \| history