add docker-compose stack

safe.fiery.me
Evan McCarthy 3 years ago committed by Bobby Wibowo
parent f95cb64d7e
commit 8ea0e491cd
No known key found for this signature in database
GPG Key ID: 51C3A1E1E22D26CF
  1. 2
      .env.example
  2. 6
      config.sample.js
  3. 63
      docker-compose.yaml
  4. 41
      nginx.docker.conf

@ -0,0 +1,2 @@
EMAIL=email@example.org
DOMAIN=MY-DOMAIN.com

@ -24,9 +24,11 @@ module.exports = {
Both cases require you to type the domain where the files will be served on the `domain` key below.
Which one you use is ultimately up to you.
Leave this as "false" if using docker.
*/
serveFilesWithNode: false,
domain: 'https://lolisafe.moe',
domain: 'https://xml.bz',
/*
If you are serving your files with a different domain than your lolisafe homepage,
@ -36,7 +38,7 @@ module.exports = {
homeDomain: null,
/*
Port on which to run the server.
Port on which to run the server. Do not change this if using docker. Change in .env.
*/
port: 9999,

@ -0,0 +1,63 @@
version: '3.8'
networks:
net:
driver: bridge
services:
safe:
image: lolisafe/lolisafe
volumes:
- ./config.js:/usr/src/lolisafe/config.js:ro
- ./uploads:/usr/src/lolisafe/uploads
restart: unless-stopped
networks:
- net
nginx:
image: nginx
volumes:
- ./nginx.docker.conf:/etc/nginx/conf.d/default.conf:ro
- ./uploads:/uploads
expose:
- 80
restart: unless-stopped
depends_on:
- safe
networks:
- net
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.xml.rule=Host(`${DOMAIN}`)'
- 'traefik.http.routers.xml.entrypoints=https'
- 'traefik.http.routers.xml.tls=true'
- 'traefik.http.routers.xml.tls.certresolver=letsencrypt'
traefik:
image: traefik:latest
container_name: traefik
volumes:
- ./traefik/acme.json:/acme.json
- /var/run/docker.sock:/var/run/docker.sock
networks:
- net
ports:
- 80:80
- 443:443
command:
- '--log.level=INFO'
- '--providers.docker=true'
- '--providers.docker.exposedByDefault=false'
- '--entrypoints.http=true'
- '--entrypoints.http.address=:80'
- '--certificatesresolvers.letsencrypt.acme.email=${EMAIL}'
- '--certificatesresolvers.letsencrypt.acme.storage=acme.json'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http'
- '--entrypoints.http.http.redirections.entrypoint.to=https'
- '--entrypoints.http.http.redirections.entrypoint.scheme=https'
- '--entrypoints.https=true'
- '--entrypoints.https.address=:443'
restart: unless-stopped
depends_on:
- nginx

@ -0,0 +1,41 @@
upstream backend {
server safe:9999; # Change to the port you specified on lolisafe
}
map $sent_http_content_type $charset {
~^text/ utf-8;
}
server {
listen 80;
client_max_body_size 10000M; # Change this to the max file size you want to allow
charset $charset;
charset_types *;
# Uncomment if you are running lolisafe behind CloudFlare.
# This requires NGINX compiled from source with:
# --with-http_realip_module
#include /path/to/lolisafe/real-ip-from-cf;
location / {
add_header Access-Control-Allow-Origin *;
root /uploads;
try_files $uri @proxy;
}
location @proxy {
proxy_set_header X-Real-IP $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://backend;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Loading…
Cancel
Save