From d6b845a3c31876804b3b42b35ef690d4375eb4a3 Mon Sep 17 00:00:00 2001 From: koalasat Date: Wed, 12 Feb 2025 20:26:56 +0100 Subject: [PATCH] Fisrt commit --- README.md | 4 ++- docker-compose.yml | 30 ++++++++++++++++++ nginx/conf/nginx.conf | 71 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 docker-compose.yml create mode 100644 nginx/conf/nginx.conf diff --git a/README.md b/README.md index 2f15d11..10fea0d 100644 --- a/README.md +++ b/README.md @@ -1 +1,3 @@ -# robosats-web-host \ No newline at end of file +# robosats-web-host + +https://learn.robosats.org \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..f294c3c --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,30 @@ +version: '3.4' + +services: + nginx: + build: + context: . + dockerfile: Dockerfile + ports: + - '80:80' + - '443:443' + restart: always + volumes: + - ./nginx/conf/:/etc/nginx/conf.d/:ro + - /var/www/certbot:/var/www/certbot/:ro + - /etc/letsencrypt/:/etc/nginx/ssl/:ro + - ./nostr:/nostr:ro + networks: + - nginx + command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" + certbot: + image: certbot/certbot:latest + restart: always + volumes: + - /var/www/certbot/:/var/www/certbot/:rw + - /etc/letsencrypt/:/etc/letsencrypt/:rw + entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" +networks: + nginx: + driver: bridge + external: true diff --git a/nginx/conf/nginx.conf b/nginx/conf/nginx.conf new file mode 100644 index 0000000..88566f2 --- /dev/null +++ b/nginx/conf/nginx.conf @@ -0,0 +1,71 @@ +server { + listen 80; + listen [::]:80; + + server_name learn.robosats.org; + + location /.well-known/acme-challenge { + root /var/www/certbot; + } + location / { + return 301 https://learn.robosats.org$request_uri; + } +} + +server { + listen 80; + listen [::]:80; + + server_name docs.robosats.org; + server_tokens off; + + location /.well-known/acme-challenge { + root /var/www/certbot; + } + + location / { + return 301 https://docs.robosats.org$request_uri; + } +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + http2 on; + + server_name learn.robosats.org; + + ssl_certificate /etc/nginx/ssl/live/learn.robosats.org/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/live/learn.robosats.org/privkey.pem; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_pass http://pages:4000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + http2 on; + + server_name docs.robosats.org; + + ssl_certificate /etc/nginx/ssl/live/docs.robosats.org/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/live/docs.robosats.org/privkey.pem; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_pass http://pages:4000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +}