docs - add autoconf doc to Docker section

docs/integrations.md

@@ -77,7 +77,8 @@ Important things to note :
 - Replace www.example.com with your own domain (it must points to your server IP address if you want Let's Encrypt to work)
 - Automatic Let's Encrypt is enabled thanks to `AUTO_LETS_ENCRYPT=yes` (since the default is `AUTO_LETS_ENCRYPT=no` you can remove the environment variable to disable Let's Encrypt)
 - The container is exposing TCP/8080 for HTTP and TCP/8443 for HTTPS
-- The /www volume can be mounted as read-only for security reason whereas the /etc/letsencrypt one must be mounted as read/write
+- The /www volume is used to deliver static files and can be mounted as read-only for security reason
+- The /etc/letsencrypt volume is used to store certificates and must be mounted as read/write
 
 Inspect the container logs until bunkerized-nginx is started then visit http(s)://www.example.com to confirm that everything is working as expected.
 
@@ -107,6 +108,151 @@ services:
 
 ### Autoconf
 
+The downside of using environment variables is that the container needs to be recreated each time there is an update which is not very convenient. To counter that issue, you can use another image called bunkerized-nginx-autoconf which will listen for Docker events and automatically configure bunkerized-nginx instance in real time without recreating the container. Instead of defining environment variables for the bunkerized-nginx container, you simply add labels to your web services and bunkerized-nginx-autoconf will "automagically" take care of the rest.
+
+<img src="https://github.com/bunkerity/bunkerized-nginx/blob/dev/docs/img/autoconf-docker.png?raw=true" />
+
+First of all, you will need a network so autoconf and bunkerized-nginx can communicate and another one to allow communication between bunkerized-nginx and your web services :
+```shell
+$ docker network create bunkerized-net
+$ docker network create services-net
+```
+
+We will also make use of a named volume to share the configuration :
+```shell
+$ docker volume create bunkerized-vol
+```
+
+You can now create the bunkerized-nginx container, connect it to the web services network and start it :
+```shell
+$ docker run \
+         --name mybunkerized \
+         -l bunkerized-nginx.AUTOCONF \
+         --network bunkerized-net \
+         -p 80:8080 \
+         -p 443:8443 \
+         -v "${PWD}/www:/www:ro" \
+         -v "${PWD}/certs:/etc/letsencrypt:ro" \
+         -v bunkerized-vol:/etc/nginx:ro \
+         -e MULTISITE=yes \
+         -e SERVER_NAME= \
+         -e AUTO_LETS_ENCRYPT=yes \
+         bunkerity/bunkerized-nginx
+$ docker network connect services-net mybunkerized
+$ docker start mybunkerized
+```
+
+The autoconf one can now be started :
+```shell
+$ docker run \
+         --name myautoconf \
+         --network bunkerized-net \
+         --volumes-from mybunkerized:rw \
+         -v /var/run/docker.sock:/var/run/docker.sock:ro \
+         bunkerity/bunkerized-nginx-autoconf
+```
+
+Here is the docker-compose equivalent :
+```yaml
+version: '3'
+
+services:
+
+  mybunkerized:
+    image: bunkerity/bunkerized-nginx
+    restart: always
+    ports:
+      - 80:8080
+      - 443:8443
+    volumes:
+      - ./certs:/etc/letsencrypt
+      - ./www:/www:ro
+      - bunkerized-vol:/etc/nginx
+    environment:
+      - SERVER_NAME=
+      - MULTISITE=yes
+      - AUTO_LETS_ENCRYPT=yes
+    labels:
+      - "bunkerized-nginx.AUTOCONF"
+    networks:
+      - bunkerized-net
+      - services-net
+
+  myautoconf:
+    image: bunkerity/bunkerized-nginx-autoconf
+    restart: always
+    volumes_from:
+      - mybunkerized
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    depends_on:
+      - mybunkerized
+    networks:
+      - bunkerized-net
+
+volumes:
+  autoconf:
+
+networks:
+  bunkerized-net:
+    name: bunkerized-net
+  services-net:
+    name: services-net
+```
+
+Important things to note :
+- autoconf needs to send reload orders to bunkerized-nginx, they need to be on the same network
+- autoconf is generating config files and other artefacts for the bunkerized-nginx, they need to share the volumes
+- autoconf must have access to the Docker socket in order to get events and access to labels
+- bunkerized-nginx must have the bunkerized-nginx.AUTOCONF label
+- bunkerized-nginx must be started in [multisite mode](#) with the `MULTISITE=yes` environment variable
+- When setting the `SERVER_NAME` environment variable to an empty value, bunkerized-nginx won't generate any web service configuration at startup
+- The `AUTO_LETS_ENCRYPT=yes` will be applied to all subsequent web service configuration, unless overriden by the web service labels
+
+Check the logs of both autoconf and bunkerized-nginx to see if everything is working as expected.
+
+You can now create a new web service and add environment variables as labels with the **"bunkerized-nginx." prefix** so the autoconf service will "automagically" do the configuration for you :
+```shell
+$ docker run \
+         --name myservice \
+         --network services-net \
+         -l bunkerized-nginx.SERVER_NAME=www.example.com \
+         -l bunkerized-nginx.USE_REVERSE_PROXY=yes \
+         -l bunkerized-nginx.REVERSE_PROXY_URL=/ \
+         -l bunkerized-nginx.REVERSE_PROXY_HOST=http://myservice \
+         tutum/hello-world
+```
+
+docker-compose equivalent :
+```yaml
+version: "3"
+
+services:
+
+  myservice:
+    image: tutum/hello-world
+    networks:
+      myservice:
+        aliases:
+          - myservice
+    labels:
+      - "bunkerized-nginx.SERVER_NAME=www.example.com"
+      - "bunkerized-nginx.USE_REVERSE_PROXY=yes"
+      - "bunkerized-nginx.REVERSE_PROXY_URL=/"
+      - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myservice"
+
+networks:
+  services-net:
+    external:
+      name: services-net
+```
+
+Please note that if you want to override the `AUTO_LETS_ENCRYPT=yes` previously defined in the bunkerized-nginx container, you simply need to add the `bunkerized-nginx.AUTO_LETS_ENCRYPT=no` label.
+
+Look at the logs of both autoconf and bunkerized-nginx to check if the configuration has been generated and loaded by bunkerized-nginx. You should now be able to visit http(s)://www.example.com.
+
+When your service is not needed anymore, you can delete it as usual. The autoconf should get the event and remove generate the configuration again.
+
 ## Docker Swarm
 
 ## Kubernetes