From 53eb9c11fc2170d72556c35b4c0cc5e18655e0aa Mon Sep 17 00:00:00 2001 From: Christian Winther Date: Mon, 15 Jan 2024 19:20:22 +0000 Subject: [PATCH] add faq --- .env.docker | 7 +++++-- docker-compose.yml | 6 ++++++ docker/README.md | 2 ++ docker/faq.md | 19 +++++++++++++++++++ 4 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 docker/faq.md diff --git a/.env.docker b/.env.docker index 559c06553..0f5aa6112 100644 --- a/.env.docker +++ b/.env.docker @@ -939,12 +939,15 @@ DOCKER_REDIS_PORT_EXTERNAL="${REDIS_PORT}" # Use "3306" for MySQL/MariaDB and "5432" for PostgreeSQL DOCKER_DB_PORT_EXTERNAL="${DB_PORT}" -# Port that the web will listen on *outside* the container (e.g. the host machine) for HTTP traffic +# Port that the [proxy] will listen on *outside* the container (e.g. the host machine) for HTTP traffic DOCKER_PROXY_PORT_EXTERNAL_HTTP="80" -# Port that the web will listen on *outside* the container (e.g. the host machine) for HTTPS traffic +# Port that the [proxy] will listen on *outside* the container (e.g. the host machine) for HTTPS traffic DOCKER_PROXY_PORT_EXTERNAL_HTTPS="443" +# Port to expose [web] container will listen on *outside* the container (e.g. the host machine) for *HTTP* traffic only +DOCKER_WEB_PORT_EXTERNAL_HTTP="8080" + # Path to the Docker socket on the *host* DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock" diff --git a/docker-compose.yml b/docker-compose.yml index 567998411..b2977e1e2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,6 +16,8 @@ services: image: nginxproxy/nginx-proxy:1.4 container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy" restart: unless-stopped + profiles: + - ${DOCKER_PROXY_PROFILE} volumes: - "${DOCKER_HOST_SOCKET_PATH}:/tmp/docker.sock:ro" - "${DOCKER_CONFIG_ROOT}/proxy/conf.d:/etc/nginx/conf.d" @@ -33,6 +35,8 @@ services: image: nginxproxy/acme-companion container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme" restart: unless-stopped + profiles: + - ${DOCKER_PROXY_ACME_PROFILE:-$DOCKER_PROXY_PROFILE} environment: DEBUG: 0 DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}" @@ -70,6 +74,8 @@ services: com.github.nginx-proxy.nginx-proxy.keepalive: 30 com.github.nginx-proxy.nginx-proxy.http2.enable: true com.github.nginx-proxy.nginx-proxy.http3.enable: true + # ports: + # - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80" depends_on: - db - redis diff --git a/docker/README.md b/docker/README.md index 65fcdf720..bb3389965 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,6 +1,8 @@ # Pixelfed + Docker + Docker Compose * [Setting up a new Pixelfed server with Docker Compose](new-server.md) + * [I already have a SSL certificate, how do I use it?](faq.md#i-already-have-a-proxy-how-do-i-disable-the-included-one) + * [I already have an proxy / how do I disable the Nginx proxy](faq.md#i-already-have-a-ssl-certificate-how-do-i-use-it) * [Understanding Pixelfed Container runtimes (Apache, FPM, Nginx + FPM)](runtimes.md) * [Apache](runtimes.md#apache) * [FPM](runtimes.md#fpm) diff --git a/docker/faq.md b/docker/faq.md new file mode 100644 index 000000000..c284940b8 --- /dev/null +++ b/docker/faq.md @@ -0,0 +1,19 @@ +# Pixelfed Docker FAQ + +## I already have a Proxy, how do I disable the included one? + +No problem! All you have to do is + +1. *Comment out* (or delete) the `proxy` and `proxy-acme` services in `docker-compose.yml` +1. *Uncomment* the `ports` block for the `web` servince in `docker-compose.yml` +1. Change the `DOCKER_WEB_PORT_EXTERNAL_HTTP` setting in your `.env` if you want to change the port from the default `8080` +1. Point your proxy upstream to the exposed `web` port. + +## I already have a SSL certificate, how do I use it? + +1. *Comment out* (or delete) the `proxy-acme` service in `docker-compose.yml` +1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs/${APP_DOMAIN}/`. The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses) + 1. `cert.pem` + 1. `chain.pem` + 1. `fullchain.pem` + 1. `key.pem`