Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
bunkerweb/examples/swarm-redis/nginx-autoconf.yml

77 lines
2.1 KiB
YAML
Raw Blame History

version: '3.8'
services:
autoconf:
image: bunkerity/bunkerized-nginx-autoconf
# bunkerized-nginx runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /shared/confs:/etc/nginx
- /shared/letsencrypt:/etc/letsencrypt
- /shared/acme-challenge:/acme-challenge
- /shared/cache:/cache
- /shared/modsec-confs:/modsec-confs:ro
- /shared/modsec-crs-confs:/modsec-crs-confs:ro
environment:
- SWARM_MODE=yes
- API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from nginx
networks:
- net_config
deploy:
replicas: 1
placement:
constraints:
- "node.role==manager"
nginx:
image: bunkerity/bunkerized-nginx
ports:
- published: 80
target: 8080
mode: host
protocol: tcp
- published: 443
target: 8443
mode: host
protocol: tcp
# bunkerized-nginx runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
volumes:
- /shared/confs:/etc/nginx:ro
- /shared/letsencrypt:/etc/letsencrypt:ro
- /shared/acme-challenge:/acme-challenge:ro
- /shared/www:/www:ro
- /shared/cache:/cache:ro
- /shared/modsec-confs:/modsec-confs:ro
- /shared/modsec-crs-confs:/modsec-crs-confs:ro
environment:
- SWARM_MODE=yes
- USE_REDIS=yes
- REDIS_HOST=redis
- USE_API=yes
- API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from autoconf
- MULTISITE=yes
- SERVER_NAME=
- AUTO_LETS_ENCRYPT=yes
- REDIRECT_HTTP_TO_HTTPS=yes
- DISABLE_DEFAULT_SERVER=yes
- USE_CLIENT_CACHE=yes
networks:
- net_config
- net_services
deploy:
mode: global
placement:
constraints:
- "node.role==worker"
labels:
- "bunkerized-nginx.AUTOCONF"
networks:
net_config:
external: true
net_services:
external: true
Reference in New Issue View Git Blame Copy Permalink