Merge pull request #84 from immers-space/nginx-ssl

Nginx ssl
Will Murphy 2023-01-28 21:42:24 -06:00 committed by GitHub
commit 74b7a6d195
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 36 additions and 18 deletions


@ -1,2 +1,3 @@
DB_NAME=guppe DB_NAME=guppe
NODE_ENV=production NODE_ENV=production
PORT_HTTPS=8085


@ -1,3 +1,9 @@
## Unreleased
* Change production swarm setup to use nginx for ssl-terminating reverse proxy due to renewal issues with @small-tech/auto-encrypt in in swarm mode
* Change swarm node labeling scheme to allow consolidation of all services on one machine
* Update activitypub-express to fix [a spec compliance issue](https://github.com/immers-space/activitypub-express/pull/83)
## v1.2.0 (2022-05-15) ## v1.2.0 (2022-05-15)
* Fix: show correct domain name in guppe instructions on homepage * Fix: show correct domain name in guppe instructions on homepage


@ -39,8 +39,13 @@ Guppe uses Docker Swarm for easy load balancing Web server replicas
git clone https://github.com/wmurphyrd/guppe.git git clone https://github.com/wmurphyrd/guppe.git
cd guppe cd guppe
cp .env.defaults .env cp .env.defaults .env
echo DOMAIN=yourdomain.com >> .env export DOMAIN=yourdomain.com
echo DOMAIN=$DOMAIN >> .env
echo ALLOWED_DOMAINS=$DOMAIN >> .env
echo SITES=$DOMAIN=guppe:8085 >> .env
docker swarm init --advertise-addr 127.0.0.1 docker swarm init --advertise-addr 127.0.0.1
# all on one node for simple setup or split these onto different nodes for a distributed swarm
docker node update --label-add web=true --label-add database=true --label-add delivery=true $(hostname)
docker stack deploy --compose-file docker-compose.yml guppe docker stack deploy --compose-file docker-compose.yml guppe
``` ```


@ -1,50 +1,56 @@
version: "3.8" version: "3.8"
services: services:
proxy:
image: valian/docker-nginx-auto-ssl
deploy:
placement:
constraints:
- "node.labels.web==true"
restart: always
ports:
- 80:80
- 443:443
volumes:
- ssl_data:/etc/resty-auto-ssl
depends_on:
- guppe
env_file: '.env'
guppe: guppe:
image: datatitian/guppe image: datatitian/guppe
deploy: deploy:
mode: replicated mode: replicated
replicas: 8 replicas: 4
placement: placement:
constraints: constraints:
- "node.labels.type==web" - "node.labels.web==true"
restart: always restart: always
ports:
- 443:443
- 80:80
env_file: '.env' env_file: '.env'
environment: environment:
DB_URL: 'mongodb://mongodb:27017' DB_URL: 'mongodb://mongodb:27017'
PORT_HTTPS: 443 PROXY_MODE: 1
depends_on: depends_on:
- mongodb - mongodb
volumes:
- certs:/root/.small-tech.org/auto-encrypt
# localdev certs
- ./certs:/usr/src/guppe/certs
logging: logging:
driver: local driver: local
options: options:
max-size: '10m' max-size: '10m'
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost"] test: ["CMD", "curl", "-f", "http://localhost:8085"]
interval: 1m30s interval: 1m30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
start_period: 30s start_period: 30s
worker1: worker1:
image: datatitian/guppe image: datatitian/guppe
command: [ "node", "deliveryWorker.js" ] command: [ "node", "deliveryWorker.js" ]
deploy: deploy:
mode: replicated mode: replicated
replicas: 50 replicas: 25
placement: placement:
constraints: constraints:
- "node.labels.type==web" - "node.labels.delivery==true"
restart: always restart: always
env_file: '.env' env_file: '.env'
environment: environment:
@ -63,7 +69,7 @@ services:
replicas: 1 replicas: 1
placement: placement:
constraints: constraints:
- "node.labels.type==database" - "node.labels.database==true"
restart: always restart: always
volumes: volumes:
- mongo-data:/data/db - mongo-data:/data/db
@ -74,4 +80,4 @@ services:
volumes: volumes:
mongo-data: mongo-data:
certs: ssl_data:
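Review bot: The new `proxy` service in the first hunk pulls `image: valian/docker-nginx-auto-ssl` with no tag or digest, so each node that schedules it runs whatever that third-party repository currently serves, and this is the container that terminates TLS and keeps the certificate private keys in `ssl_data`. Pin it, for example `image: valian/docker-nginx-auto-ssl:<pinned-tag>` or `image: valian/docker-nginx-auto-ssl@sha256:<digest>` (both placeholders), and bump it deliberately. The service also receives the whole application `.env` through `env_file: '.env'`; judging by the README change it only needs `ALLOWED_DOMAINS` and `SITES`, so an explicit `environment:` list with those two would keep any secret later added to `.env` out of the internet-facing container. Certificate issuance is only restricted if `ALLOWED_DOMAINS` is actually present in that file, which deserves a comment above the service such as `# ALLOWED_DOMAINS must be set in .env, otherwise the proxy may request certificates for any Host header`.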