From ecaad85a307dacbd0e57c44698137ddfbc93ef34 Mon Sep 17 00:00:00 2001 From: NilsGrunwald Date: Sun, 14 Feb 2021 17:20:39 +0100 Subject: [PATCH] Finally Nextcloud and Gitea running behind reverse proxy. --- docker-swag/docker-compose.yml | 32 ++++++++++ gitea/docker-compose.yml | 12 +++- nextcloud/docker-compose.yml | 11 +++- nginx/default | 76 ---------------------- nginx/docker-compose.yml | 12 ---- nginx/nginx.conf | 112 --------------------------------- 6 files changed, 53 insertions(+), 202 deletions(-) create mode 100644 docker-swag/docker-compose.yml delete mode 100644 nginx/default delete mode 100644 nginx/docker-compose.yml delete mode 100644 nginx/nginx.conf diff --git a/docker-swag/docker-compose.yml b/docker-swag/docker-compose.yml new file mode 100644 index 0000000..9dbe0c0 --- /dev/null +++ b/docker-swag/docker-compose.yml @@ -0,0 +1,32 @@ +version: "2.1" + +services: + swag: + image: ghcr.io/linuxserver/swag + container_name: swag + cap_add: + - NET_ADMIN + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - URL=montana2000.ddns.net + - SUBDOMAINS=, + - VALIDATION=http + - EMAIL=nilsgrunwald@msn.com + volumes: + - swag_conf:/config + ports: + - 443:443 + - 80:80 + restart: unless-stopped + networks: + - nginx_network + +volumes: + swag_conf: + + +networks: + nginx_network: + driver: bridge \ No newline at end of file diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 62dc015..d249d6d 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -2,6 +2,7 @@ version: '2' services: web: image: gitea/gitea:1.12.4 + container_name: gitea volumes: - gitea_data:/data ports: @@ -10,6 +11,8 @@ services: depends_on: - db restart: always + networks: + - nginx_network db: image: mariadb:10 volumes: @@ -20,6 +23,13 @@ services: - MYSQL_DATABASE=gitea - MYSQL_USER=gitea - MYSQL_PASSWORD=inginf95 + networks: + - nginx_network + volumes: gitea_data: - gitea_mariadb: \ No newline at end of file + gitea_mariadb: + +networks: + nginx_network: + driver: bridge \ No newline at end of file diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 158078a..e1f5c73 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -16,9 +16,12 @@ services: - MYSQL_PASSWORD=inginf95 - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud + networks: + - nginx_network app: image: nextcloud + container_name: nextcloud restart: always ports: - 8080:80 @@ -30,4 +33,10 @@ services: - MYSQL_PASSWORD=inginf95 - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - - MYSQL_HOST=nextcloud_db \ No newline at end of file + - MYSQL_HOST=nextcloud_db + networks: + - nginx_network + +networks: + nginx_network: + driver: bridge \ No newline at end of file diff --git a/nginx/default b/nginx/default deleted file mode 100644 index c8d5257..0000000 --- a/nginx/default +++ /dev/null @@ -1,76 +0,0 @@ -server { - listen 80; - - - location / { - proxy_pass http://localhost:8080/; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - #### When using Let's Encrypt Only #### - location /.well-known/acme-challenge/ { - root /var/www/montana2000.ddns.net; - } - - location /owncloud { - proxy_pass http://localhost:8088/owncloud; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - -} - -server { - listen 84; - server_name montana2000.ddns.net; - return 301 https://$server_name$request_uri; -} - -server { - listen 443 ssl; - server_name montana2000.ddns.net; - - ssl_certificate /etc/letsencrypt/live/montana2000.ddns.net/fullchain.pem; # or /etc/ssl/openhab.crt - ssl_certificate_key /etc/letsencrypt/live/montana2000.ddns.net/privkey.pem; # or /etc/ssl/openhab.key - #add_header Strict-Transport-Security "max-age=31536000"; # Remove if using self-signed and are having trouble. - - location / { - proxy_pass http://localhost:8080/; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - satisfy any; - allow 192.168.0.0/24; - allow 127.0.0.1; - deny all; - auth_basic "Username and Password Required"; - auth_basic_user_file /etc/nginx/.htpasswd; - } - - location /owncloud { - proxy_pass http://localhost:8088/owncloud; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - satisfy any; - allow 192.168.0.0/24; - allow 127.0.0.1; - } - - #### When using Let's Encrypt Only #### - location /.well-known/acme-challenge/ { - root /var/www/montana2000.ddns.net; - } -} - diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml deleted file mode 100644 index aff5b4c..0000000 --- a/nginx/docker-compose.yml +++ /dev/null @@ -1,12 +0,0 @@ - -version: '2' -services: - nginx: - image: nginx:latest - ports: - - "80:80" - - "443:443" - volumes: - - D:\dev\docker\docker-compose\nginx\nginx.conf:/etc/nginx/nginx.conf - restart: always - network_mode: host \ No newline at end of file diff --git a/nginx/nginx.conf b/nginx/nginx.conf deleted file mode 100644 index ea3c03e..0000000 --- a/nginx/nginx.conf +++ /dev/null @@ -1,112 +0,0 @@ -user www-data; -worker_processes auto; -pid /run/nginx.pid; - -events { - worker_connections 768; - # multi_accept on; -} - -http { - - ## - # Basic Settings - ## - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - # server_tokens off; - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # SSL Settings - ## - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE - ssl_prefer_server_ciphers on; - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; - - ## - # Gzip Settings - ## - - gzip on; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # Virtual Host Configs - ## - server { - listen 80; - - # Docker DNS - resolver 127.0.0.11; - server_name montana2000.ddns.net; - - location /gitea/ { - proxy_pass http://host.docker.internal:3000/; - } - - location /nextcloud/ { - proxy_pass http://host.docker.internal:8080/; - } - - location / { - proxy_pass http://192.168.178.36:8088/; - } - - location /openhab/ { - proxy_pass http://192.168.178.36:8080/; - } - - location /fhem/ { - proxy_pass https://montana2000.ddns.net:8083/fhem/; - } - - location /owncloud/ { - proxy_pass http://192.168.178.36:8088/owncloud/; - } - } -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#}