examples improvement - added some README.md stubs

examples/swarm-redis/1-config.yml

@@ -1,38 +0,0 @@
-version: '3.8'
-
-services:
-
-  autoconf:
-    image: bunkerity/bunkerized-nginx-autoconf
-    # bunkerized-nginx runs as an unprivileged user with UID/GID 101
-    # don't forget to edit the permissions of the files and folders accordingly
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /shared/confs:/etc/nginx
-      - /shared/letsencrypt:/etc/letsencrypt
-      - /shared/acme-challenge:/acme-challenge
-      - /shared/cache:/cache
-    environment:
-      - SWARM_MODE=yes
-      - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from nginx
-    networks:
-      - net_config
-    deploy:
-      replicas: 1
-      placement:
-        constraints:
-          - "node.role==manager"
-
-  redis:
-    image: redis:alpine
-    networks:
-      - net_config
-    deploy:
-      replicas: 1
-      placement:
-        constraints:
-          - "node.role==worker"
-
-networks:
-  net_config:
-    external: true

examples/swarm-redis/README.md

@@ -0,0 +1,22 @@
+# Swarm wit hredis
+
+Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm cluster and use redis to distribute the blacklists. See the [Docker Swarm](#TODO) section of the documentation for more information.
+
+## Architecture
+
+<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/examples/swarm-redis/architecture.png?raw=true" />
+
+## Swarm
+
+This example uses two overlay networks needed by the services :
+
+```shell
+$ docker network create -d overlay --attachable net_config
+$ docker network create -d overlay --attachable net_services
+```
+
+First you need to create the redis service : see [redis.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm-redis/redis.yml).
+
+Then, it's time to setup bunkerized-nginx and the autoconf with Swarm mode activated : see [nginx-autoconf.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm-redis/nginx-autoconf.yml).
+
+Then you can add and delete your web services and autoconf will automatically generate the configuration based on your labels : see [services.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm-redis/services.yml).

examples/swarm-redis/nginx-autoconf.yml

@@ -2,6 +2,29 @@ version: '3.8'
 
 services:
 
+  autoconf:
+    image: bunkerity/bunkerized-nginx-autoconf
+    # bunkerized-nginx runs as an unprivileged user with UID/GID 101
+    # don't forget to edit the permissions of the files and folders accordingly
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /shared/confs:/etc/nginx
+      - /shared/letsencrypt:/etc/letsencrypt
+      - /shared/acme-challenge:/acme-challenge
+      - /shared/cache:/cache
+      - /shared/modsec-confs:/modsec-confs:ro
+      - /shared/modsec-crs-confs:/modsec-crs-confs:ro
+    environment:
+      - SWARM_MODE=yes
+      - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from nginx
+    networks:
+      - net_config
+    deploy:
+      replicas: 1
+      placement:
+        constraints:
+          - "node.role==manager"
+
   nginx:
     image: bunkerity/bunkerized-nginx
     ports:
@@ -21,8 +44,12 @@ services:
       - /shared/acme-challenge:/acme-challenge:ro
       - /shared/www:/www:ro
       - /shared/cache:/cache:ro
+      - /shared/modsec-confs:/modsec-confs:ro
+      - /shared/modsec-crs-confs:/modsec-crs-confs:ro
     environment:
       - SWARM_MODE=yes
+      - USE_REDIS=yes
+      - REDIS_HOST=redis
       - USE_API=yes
       - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from autoconf
       - MULTISITE=yes
@@ -31,8 +58,6 @@ services:
       - REDIRECT_HTTP_TO_HTTPS=yes
       - DISABLE_DEFAULT_SERVER=yes
       - USE_CLIENT_CACHE=yes
-      - USE_REDIS=yes
-      - REDIS_HOST=redis
     networks:
       - net_config
       - net_services

examples/swarm-redis/redis.yml

@@ -0,0 +1,17 @@
+version: '3.8'
+
+services:
+
+  redis:
+    image: redis:alpine
+    networks:
+      - net_config
+    deploy:
+      replicas: 1
+      placement:
+        constraints:
+          - "node.role==worker"
+
+networks:
+  net_config:
+    external: true