52 lines
1.2 KiB
YAML
52 lines
1.2 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
|
|
nginx:
|
|
image: bunkerity/bunkerized-nginx
|
|
ports:
|
|
- published: 80
|
|
target: 8080
|
|
mode: host
|
|
protocol: tcp
|
|
- published: 443
|
|
target: 8443
|
|
mode: host
|
|
protocol: tcp
|
|
# bunkerized-nginx runs as an unprivileged user with UID/GID 101
|
|
# don't forget to edit the permissions of the files and folders accordingly
|
|
volumes:
|
|
- /shared/confs:/etc/nginx:ro
|
|
- /shared/letsencrypt:/etc/letsencrypt:ro
|
|
- /shared/acme-challenge:/acme-challenge:ro
|
|
- /shared/www:/www:ro
|
|
- /shared/cache:/cache:ro
|
|
environment:
|
|
- SWARM_MODE=yes
|
|
- USE_API=yes
|
|
- API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from autoconf
|
|
- MULTISITE=yes
|
|
- SERVER_NAME=
|
|
- AUTO_LETS_ENCRYPT=yes
|
|
- REDIRECT_HTTP_TO_HTTPS=yes
|
|
- DISABLE_DEFAULT_SERVER=yes
|
|
- USE_CLIENT_CACHE=yes
|
|
- USE_REDIS=yes
|
|
- REDIS_HOST=redis
|
|
networks:
|
|
- net_config
|
|
- net_services
|
|
deploy:
|
|
mode: global
|
|
placement:
|
|
constraints:
|
|
- "node.role==worker"
|
|
labels:
|
|
- "bunkerized-nginx.AUTOCONF"
|
|
|
|
networks:
|
|
net_config:
|
|
external: true
|
|
net_services:
|
|
external: true
|