diff --git a/.env.defaults b/.env.defaults index d0db5b7..e6d3078 100644 --- a/.env.defaults +++ b/.env.defaults @@ -1,2 +1,3 @@ DB_NAME=guppe NODE_ENV=production +PORT_HTTPS=8085 diff --git a/CHANGELOG.md b/CHANGELOG.md index fe01b35..d742e82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## Unreleased + +* Change production swarm setup to use nginx for ssl-terminating reverse proxy due to renewal issues with @small-tech/auto-encrypt in in swarm mode +* Change swarm node labeling scheme to allow consolidation of all services on one machine +* Update activitypub-express to fix [a spec compliance issue](https://github.com/immers-space/activitypub-express/pull/83) + ## v1.2.0 (2022-05-15) * Fix: show correct domain name in guppe instructions on homepage diff --git a/README.md b/README.md index 7bd6c04..653e91b 100644 --- a/README.md +++ b/README.md @@ -39,8 +39,13 @@ Guppe uses Docker Swarm for easy load balancing Web server replicas git clone https://github.com/wmurphyrd/guppe.git cd guppe cp .env.defaults .env -echo DOMAIN=yourdomain.com >> .env +export DOMAIN=yourdomain.com +echo DOMAIN=$DOMAIN >> .env +echo ALLOWED_DOMAINS=$DOMAIN >> .env +echo SITES=$DOMAIN=guppe:8085 >> .env docker swarm init --advertise-addr 127.0.0.1 +# all on one node for simple setup or split these onto different nodes for a distributed swarm +docker node update --label-add web=true --label-add database=true --label-add delivery=true $(hostname) docker stack deploy --compose-file docker-compose.yml guppe ``` diff --git a/docker-compose.yml b/docker-compose.yml index 7afd575..adb96ee 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -1,50 +1,56 @@ version: "3.8" services: + proxy: + image: valian/docker-nginx-auto-ssl + deploy: + placement: + constraints: + - "node.labels.web==true" + restart: always + ports: + - 80:80 + - 443:443 + volumes: + - ssl_data:/etc/resty-auto-ssl + depends_on: + - guppe + env_file: '.env' guppe: image: datatitian/guppe deploy: mode: replicated - replicas: 8 + replicas: 4 placement: constraints: - - "node.labels.type==web" + - "node.labels.web==true" restart: always - ports: - - 443:443 - - 80:80 env_file: '.env' environment: DB_URL: 'mongodb://mongodb:27017' - PORT_HTTPS: 443 + PROXY_MODE: 1 depends_on: - mongodb - volumes: - - certs:/root/.small-tech.org/auto-encrypt - # localdev certs - - ./certs:/usr/src/guppe/certs logging: driver: local options: max-size: '10m' healthcheck: - test: ["CMD", "curl", "-f", "http://localhost"] + test: ["CMD", "curl", "-f", "http://localhost:8085"] interval: 1m30s timeout: 10s retries: 3 start_period: 30s - - worker1: image: datatitian/guppe command: [ "node", "deliveryWorker.js" ] deploy: mode: replicated - replicas: 50 + replicas: 25 placement: constraints: - - "node.labels.type==web" + - "node.labels.delivery==true" restart: always env_file: '.env' environment: @@ -63,7 +69,7 @@ services: replicas: 1 placement: constraints: - - "node.labels.type==database" + - "node.labels.database==true" restart: always volumes: - mongo-data:/data/db @@ -74,4 +80,4 @@ services: volumes: mongo-data: - certs: + ssl_data:
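Review bot: The new `proxy` service pulls `valian/docker-nginx-auto-ssl` with no tag or digest, so each redeploy can pick up whatever `latest` is at that moment for the container that terminates TLS and keeps the certificate keys in `ssl_data`. I would pin it, e.g. `image: valian/docker-nginx-auto-ssl@sha256:<digest>` (placeholder, fill in the reviewed digest). The README deploys this file with `docker stack deploy`, which ignores both `restart: always` and `depends_on`, so start ordering between `proxy` and `guppe` is not guaranteed and restart behaviour comes from the swarm default rather than this line; `restart_policy:` under `deploy:` is the setting swarm honours. Ports 80/443 are published in the default ingress mode, which as far as I know hides the real client address from nginx, so with `PROXY_MODE: 1` the forwarded client IP is probably an ingress-network address; confirm before relying on it for logging or blocking, or publish with the long syntax and `mode: host`.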