insert/rubberguppe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #84 from immers-space/nginx-ssl

Browse source 
Nginx ssl
This commit is contained in:
Will Murphy 2023-01-28 21:42:24 -06:00 committed by GitHub
commit 74b7a6d195
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 36 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.env.defaults
View file

@ -1,2 +1,3 @@
DB_NAME=guppe
NODE_ENV=production
PORT_HTTPS=8085

6
CHANGELOG.md
View file

@ -1,3 +1,9 @@
## Unreleased
* Change production swarm setup to use nginx for ssl-terminating reverse proxy due to renewal issues with @small-tech/auto-encrypt in in swarm mode
* Change swarm node labeling scheme to allow consolidation of all services on one machine
* Update activitypub-express to fix [a spec compliance issue](https://github.com/immers-space/activitypub-express/pull/83)
## v1.2.0 (2022-05-15)
* Fix: show correct domain name in guppe instructions on homepage

7
README.md
View file

@ -39,8 +39,13 @@ Guppe uses Docker Swarm for easy load balancing Web server replicas
git clone https://github.com/wmurphyrd/guppe.git
cd guppe
cp .env.defaults .env
echo DOMAIN=yourdomain.com >> .env
export DOMAIN=yourdomain.com
echo DOMAIN=$DOMAIN >> .env
echo ALLOWED_DOMAINS=$DOMAIN >> .env
echo SITES=$DOMAIN=guppe:8085 >> .env
docker swarm init --advertise-addr 127.0.0.1
# all on one node for simple setup or split these onto different nodes for a distributed swarm
docker node update --label-add web=true --label-add database=true --label-add delivery=true $(hostname)
docker stack deploy --compose-file docker-compose.yml guppe
```

40
docker-compose.yml
View file

@ -1,50 +1,56 @@
version: "3.8"
services:
proxy:
image: valian/docker-nginx-auto-ssl
deploy:
placement:
constraints:
- "node.labels.web==true"
restart: always
ports:
- 80:80
- 443:443
volumes:
- ssl_data:/etc/resty-auto-ssl
depends_on:
- guppe
env_file: '.env'
guppe:
image: datatitian/guppe
deploy:
mode: replicated
replicas: 8
replicas: 4
placement:
constraints:
- "node.labels.type==web"
- "node.labels.web==true"
restart: always
ports:
- 443:443
- 80:80
env_file: '.env'
environment:
DB_URL: 'mongodb://mongodb:27017'
PORT_HTTPS: 443
PROXY_MODE: 1
depends_on:
- mongodb
volumes:
- certs:/root/.small-tech.org/auto-encrypt
# localdev certs
- ./certs:/usr/src/guppe/certs
logging:
driver: local
options:
max-size: '10m'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost"]
test: ["CMD", "curl", "-f", "http://localhost:8085"]
interval: 1m30s
timeout: 10s
retries: 3
start_period: 30s
worker1:
image: datatitian/guppe
command: [ "node", "deliveryWorker.js" ]
deploy:
mode: replicated
replicas: 50
replicas: 25
placement:
constraints:
- "node.labels.type==web"
- "node.labels.delivery==true"
restart: always
env_file: '.env'
environment:
@ -63,7 +69,7 @@ services:
replicas: 1
placement:
constraints:
- "node.labels.type==database"
- "node.labels.database==true"
restart: always
volumes:
- mongo-data:/data/db
@ -74,4 +80,4 @@ services:
volumes:
mongo-data:
certs:
ssl_data: