39 lines
1.3 KiB
YAML
39 lines
1.3 KiB
YAML
version: '3'
|
|
|
|
services:
|
|
|
|
mywww:
|
|
image: bunkerity/bunkerized-nginx
|
|
restart: always
|
|
depends_on:
|
|
- myphp
|
|
ports:
|
|
- 80:8080
|
|
- 443:8443
|
|
# bunkerized-nginx runs as an unprivileged user with UID/GID 101
|
|
# don't forget to edit the permissions of the files and folders accordingly
|
|
volumes:
|
|
- ./web-files:/www:ro
|
|
- ./letsencrypt:/letsencrypt:ro
|
|
environment:
|
|
- SERVER_NAME=www.website.com # replace with your domain(s)
|
|
- USE_CUSTOM_HTTPS=yes
|
|
- CUSTOM_HTTPS_CERT=/letsencrypt/live/website.com/fullchain.pem # replace with your path
|
|
- CUSTOM_HTTPS_KEY=/letsencrypt/live/website.com/privkey.pem # replace with your path
|
|
- REDIRECT_HTTP_TO_HTTPS=yes
|
|
- PROXY_REAL_IP=yes
|
|
# networks from https://www.cloudflare.com/ips-v4/
|
|
# you should check if the networks listed are up to date
|
|
- PROXY_REAL_IP_FROM=173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 172.64.0.0/13 131.0.72.0/22 104.16.0.0/13 104.24.0.0/14
|
|
- DISABLE_DEFAULT_SERVER=yes
|
|
- USE_CLIENT_CACHE=yes
|
|
- USE_GZIP=yes
|
|
- REMOTE_PHP=myphp
|
|
- REMOTE_PHP_PATH=/app
|
|
|
|
myphp:
|
|
image: php:fpm
|
|
restart: always
|
|
volumes:
|
|
- ./web-files:/app
|