diff --git a/Docker/.gitignore b/Docker/.gitignore index e1b726025..80c983e6f 100644 --- a/Docker/.gitignore +++ b/Docker/.gitignore @@ -2,4 +2,6 @@ !build_images.sh mongo/data/* redis/data/* +nginx/* +certbot/* *.env \ No newline at end of file diff --git a/Docker/client.Dockerfile b/Docker/client.Dockerfile index aaea43c06..0f7935cd1 100644 --- a/Docker/client.Dockerfile +++ b/Docker/client.Dockerfile @@ -16,7 +16,7 @@ RUN npm run build FROM nginx:1.27.1-alpine -COPY ./Docker/nginx/default.conf /etc/nginx/conf.d/default.conf +# COPY ./Docker/nginx/default.conf /etc/nginx/conf.d/default.conf COPY --from=build /app/dist /usr/share/nginx/html CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/Docker/docker-compose.yaml b/Docker/docker-compose.yaml index 1abbce9d4..c9fa3431f 100644 --- a/Docker/docker-compose.yaml +++ b/Docker/docker-compose.yaml @@ -1,11 +1,21 @@ -version: "3" services: client: image: uptime_client:latest ports: - "80:80" + - "443:443" depends_on: - server + volumes: + - ./nginx/conf.d:/etc/nginx/conf.d/:ro + - ./certbot/www:/var/www/certbot/:ro + - ./certbot/conf/:/etc/nginx/ssl/:ro + + certbot: + image: certbot/certbot:latest + volumes: + - ./certbot/www/:/var/www/certbot/:rw + - ./certbot/conf/:/etc/letsencrypt/:rw server: image: uptime_server:latest ports: diff --git a/Docker/nginx/conf.d/default.conf b/Docker/nginx/conf.d/default.conf new file mode 100644 index 000000000..a04d32c87 --- /dev/null +++ b/Docker/nginx/conf.d/default.conf @@ -0,0 +1,51 @@ +server { + listen 80; + listen [::]:80; + + server_name uptime-demo.bluewavelabs.ca; + server_tokens off; + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + location /api/ { + proxy_pass http://server:5000/api/; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} + +server { + listen 443 default_server ssl http2; + listen [::]:443 ssl http2; + + server_name uptime-demo.bluewavelabs.ca; + + ssl_certificate /etc/nginx/ssl/live/uptime-demo.bluewavelabs.ca/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/live/uptime-demo.bluewavelabs.ca/privkey.pem; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + location /api/ { + proxy_pass http://server:5000/api/; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/Docker/nginx/default.conf b/Docker/nginx/default.conf deleted file mode 100644 index 0c3122df3..000000000 --- a/Docker/nginx/default.conf +++ /dev/null @@ -1,45 +0,0 @@ -server { - listen 80; - listen [::]:80; - server_name localhost; - - #access_log /var/log/nginx/host.access.log main; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ /index.html; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -}