diff --git a/.gitmodules b/.gitmodules index 246eab385..876b5e3e8 100644 --- a/.gitmodules +++ b/.gitmodules @@ -2,6 +2,6 @@ path = examples/crowdsec/bunkerized-nginx-crowdsec url = https://github.com/bunkerity/bunkerized-nginx-crowdsec -[submodule "bunkerized-nginx-clamav"] +[submodule "examples/clamav/bunkerized-nginx-clamav"] path = examples/clamav/bunkerized-nginx-clamav - url = https://github.com/bunkerity/bunkerized-nginx-clamav + url = https://github.com/bunkerity/bunkerized-nginx-clamav.git diff --git a/examples/authelia/README.md b/examples/authelia/README.md index a2946d4ea..4f69af3cd 100644 --- a/examples/authelia/README.md +++ b/examples/authelia/README.md @@ -17,3 +17,11 @@ First of all, you will need to edit the configuration files inside the authelia ## Docker See [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/authelia/docker-compose.yml). + +## Docker autoconf + +See [docker-compose.autoconf.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/authelia/docker-compose.autoconf.yml). + +## Docker Swarm + +See [docker-compose.swarm.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/authelia/docker-compose.swarm.yml). diff --git a/examples/authelia/docker-compose.autoconf.yml b/examples/authelia/docker-compose.autoconf.yml new file mode 100644 index 000000000..a79db6e00 --- /dev/null +++ b/examples/authelia/docker-compose.autoconf.yml @@ -0,0 +1,70 @@ +version: '3.3' + +services: + + authelia: + image: authelia/authelia + networks: + services-net: + aliases: + - authelia + volumes: + - ./authelia:/config + healthcheck: + disable: true + environment: + - TZ=France/Paris + labels: + - "bunkerized-nginx.SERVER_NAME=auth.example.com" + - "bunkerized-nginx.USE_REVERSE_PROXY=yes" + - "bunkerized-nginx.REVERSE_PROXY_URL=/" + - "bunkerized-nginx.REVERSE_PROXY_HOST=http://authelia:9091" + + redis: + image: redis:alpine + networks: + services-net: + aliases: + - redis + volumes: + - ./redis:/data + environment: + - TZ=France/Paris + + myapp1: + image: php:fpm + networks: + services-net: + aliases: + - myapp1 + volumes: + - ./web-files/app1.example.com:/app + labels: + - "bunkerized-nginx.SERVER_NAME=app1.example.com" + - "bunkerized-nginx.USE_AUTHELIA=yes" + - "bunkerized-nginx.AUTHELIA_BACKEND=https://auth.example.com" + - "bunkerized-nginx.AUTHELIA_UPSTREAM=http://authelia:9091" + - "bunkerized-nginx.REMOTE_PHP=myapp1" + - "bunkerized-nginx.REMOTE_PHP_PATH=/app" + + myapp2: + image: php:apache + networks: + services-net: + aliases: + - myapp2 + volumes: + - ./web-files/app2.example.com:/var/www/html + labels: + - "bunkerized-nginx.SERVER_NAME=app2.example.com" + - "bunkerized-nginx.USE_AUTHELIA=yes" + - "bunkerized-nginx.AUTHELIA_BACKEND=https://auth.example.com" + - "bunkerized-nginx.AUTHELIA_UPSTREAM=http://authelia:9091" + - "bunkerized-nginx.USE_REVERSE_PROXY=yes" + - "bunkerized-nginx.REVERSE_PROXY_URL=/" + - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp2" + +networks: + services-net: + external: + name: services-net diff --git a/examples/authelia/docker-compose.swarm.yml b/examples/authelia/docker-compose.swarm.yml new file mode 100644 index 000000000..2fd9b8acc --- /dev/null +++ b/examples/authelia/docker-compose.swarm.yml @@ -0,0 +1,82 @@ +version: '3.3' + +services: + + authelia: + image: authelia/authelia + networks: + services-net: + aliases: + - authelia + volumes: + - /shared/authelia:/config + healthcheck: + disable: true + environment: + - TZ=France/Paris + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - "bunkerized-nginx.SERVER_NAME=auth.example.com" + - "bunkerized-nginx.USE_REVERSE_PROXY=yes" + - "bunkerized-nginx.REVERSE_PROXY_URL=/" + - "bunkerized-nginx.REVERSE_PROXY_HOST=http://authelia:9091" + + redis: + image: redis:alpine + networks: + services-net: + aliases: + - redis + volumes: + - /shared/redis:/data + environment: + - TZ=France/Paris + + myapp1: + image: php:fpm + networks: + services-net: + aliases: + - myapp1 + volumes: + - /shared/www/app1.example.com:/app + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - "bunkerized-nginx.SERVER_NAME=app1.example.com" + - "bunkerized-nginx.USE_AUTHELIA=yes" + - "bunkerized-nginx.AUTHELIA_BACKEND=https://auth.example.com" + - "bunkerized-nginx.AUTHELIA_UPSTREAM=http://authelia:9091" + - "bunkerized-nginx.REMOTE_PHP=myapp1" + - "bunkerized-nginx.REMOTE_PHP_PATH=/app" + + myapp2: + image: php:apache + networks: + services-net: + aliases: + - myapp2 + volumes: + - /shared/www/app2.example.com:/var/www/html + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - "bunkerized-nginx.SERVER_NAME=app2.example.com" + - "bunkerized-nginx.USE_AUTHELIA=yes" + - "bunkerized-nginx.AUTHELIA_BACKEND=https://auth.example.com" + - "bunkerized-nginx.AUTHELIA_UPSTREAM=http://authelia:9091" + - "bunkerized-nginx.USE_REVERSE_PROXY=yes" + - "bunkerized-nginx.REVERSE_PROXY_URL=/" + - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp2" + +networks: + services-net: + external: + name: services-net diff --git a/examples/autoconf-php/README.md b/examples/autoconf-php/README.md index d38d4cc56..bb82afd07 100644 --- a/examples/autoconf-php/README.md +++ b/examples/autoconf-php/README.md @@ -8,6 +8,6 @@ Quickly deploy PHP app on Docker containers without restarting bunkerized-nginx. ## Autoconf -First of all, you need to run bunkerized-nginx and bunkerized-nginx-autoconf : see [docker-compose-nginx.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-php/docker-compose-nginx.yml). +First of all, you need to setup the [Docker autoconf integration](https://bunkerized-nginx.readthedocs.io/en/latest/integrations.html#docker-autoconf). -Then, you can add and remove PHP apps with special `bunkerized-nginx.*` labels so the configurations are automatically generated : see [docker-compose-php.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-php/docker-compose-php.yml). +Then, you can add and remove PHP apps with special `bunkerized-nginx.*` labels so the configurations are automatically generated : see [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-php/docker-compose.yml). diff --git a/examples/autoconf-php/docker-compose-nginx.yml b/examples/autoconf-php/docker-compose-nginx.yml deleted file mode 100644 index aee60c5f5..000000000 --- a/examples/autoconf-php/docker-compose-nginx.yml +++ /dev/null @@ -1,44 +0,0 @@ -version: '3' - -services: - - mywww: - image: bunkerity/bunkerized-nginx - restart: always - ports: - - 80:8080 - - 443:8443 - # bunkerized-nginx runs as an unprivileged user with UID/GID 101 - # don't forget to edit the permissions of the files and folders accordingly - volumes: - - ./letsencrypt:/etc/letsencrypt - - ./web-files:/www:ro - - autoconf:/etc/nginx - environment: - - SERVER_NAME= # must be left blank if you don't want to setup "static" conf - - MULTISITE=yes - - AUTO_LETS_ENCRYPT=yes - - REDIRECT_HTTP_TO_HTTPS=yes - - DISABLE_DEFAULT_SERVER=yes - - USE_CLIENT_CACHE=yes - - USE_GZIP=yes - labels: - - "bunkerized-nginx.AUTOCONF" - networks: - - myphpnet - - myautoconf: - image: bunkerity/bunkerized-nginx-autoconf - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - - autoconf:/etc/nginx - depends_on: - - mywww - -volumes: - autoconf: - -networks: - myphpnet: - name: myphpnet diff --git a/examples/autoconf-php/docker-compose-php.yml b/examples/autoconf-php/docker-compose.yml similarity index 87% rename from examples/autoconf-php/docker-compose-php.yml rename to examples/autoconf-php/docker-compose.yml index 2f0426e92..653be8044 100644 --- a/examples/autoconf-php/docker-compose-php.yml +++ b/examples/autoconf-php/docker-compose.yml @@ -4,47 +4,44 @@ services: myapp1: image: php:fpm - restart: always + networks: + services-net: + aliases: + - myapp1 volumes: - ./web-files/app1.example.com:/app labels: - "bunkerized-nginx.SERVER_NAME=app1.example.com" # replace with your domain - "bunkerized-nginx.REMOTE_PHP=myapp1" - "bunkerized-nginx.REMOTE_PHP_PATH=/app" - networks: - myphpnet: - aliases: - - myapp1 myapp2: image: php:fpm - restart: always + networks: + services-net: + aliases: + - myapp2 volumes: - ./web-files/app2.example.com:/app labels: - "bunkerized-nginx.SERVER_NAME=app2.example.com" # replace with your domain - "bunkerized-nginx.REMOTE_PHP=myapp2" - "bunkerized-nginx.REMOTE_PHP_PATH=/app" - networks: - myphpnet: - aliases: - - myapp2 myapp3: image: php:fpm - restart: always + networks: + services-net: + aliases: + - myapp3 volumes: - ./web-files/app3.example.com:/app labels: - "bunkerized-nginx.SERVER_NAME=app3.example.com" # replace with your domain - "bunkerized-nginx.REMOTE_PHP=myapp3" - "bunkerized-nginx.REMOTE_PHP_PATH=/app" - networks: - myphpnet: - aliases: - - myapp3 networks: - myphpnet: + services-net: external: - name: myphpnet + name: services-net diff --git a/examples/autoconf-reverse-proxy/README.md b/examples/autoconf-reverse-proxy/README.md index 348b56c82..7feb8f21c 100644 --- a/examples/autoconf-reverse-proxy/README.md +++ b/examples/autoconf-reverse-proxy/README.md @@ -8,6 +8,6 @@ Quickly deploy web app on Docker containers without restarting bunkerized-nginx. ## Autoconf -First of all, you need to run bunkerized-nginx and bunkerized-nginx-autoconf : see [docker-compose-nginx.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-reverse-proxy/docker-compose-nginx.yml). +First of all, you need to setup the [Docker autoconf integration](https://bunkerized-nginx.readthedocs.io/en/latest/integrations.html#docker-autoconf). -Then, you can add and remove web apps with special `bunkerized-nginx.*` labels so the configurations are automatically generated : see [docker-compose-apps.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-reverse-proxy/docker-compose-apps.yml). +Then, you can add and remove web apps with special `bunkerized-nginx.*` labels so the configurations are automatically generated : see [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/autoconf-reverse-proxy/docker-compose.yml). diff --git a/examples/autoconf-reverse-proxy/docker-compose-nginx.yml b/examples/autoconf-reverse-proxy/docker-compose-nginx.yml deleted file mode 100644 index 957e82f8d..000000000 --- a/examples/autoconf-reverse-proxy/docker-compose-nginx.yml +++ /dev/null @@ -1,45 +0,0 @@ -version: '3' - -services: - - mywww: - image: bunkerity/bunkerized-nginx - restart: always - ports: - - 80:8080 - - 443:8443 - # bunkerized-nginx runs as an unprivileged user with UID/GID 101 - # don't forget to edit the permissions of the files and folders accordingly - volumes: - - ./letsencrypt:/etc/letsencrypt - - autoconf:/etc/nginx - environment: - - SERVER_NAME= # must be left blank if you don't want to setup "static" conf - - MULTISITE=yes - - AUTO_LETS_ENCRYPT=yes - - REDIRECT_HTTP_TO_HTTPS=yes - - DISABLE_DEFAULT_SERVER=yes - - USE_CLIENT_CACHE=yes - - USE_PROXY_CACHE=yes - - USE_GZIP=yes - - USE_REVERSE_PROXY=yes - labels: - - "bunkerized-nginx.AUTOCONF" - networks: - - myappnet - - myautoconf: - image: bunkerity/bunkerized-nginx-autoconf - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - - autoconf:/etc/nginx - depends_on: - - mywww - -volumes: - autoconf: - -networks: - myappnet: - name: myappnet diff --git a/examples/autoconf-reverse-proxy/docker-compose-apps.yml b/examples/autoconf-reverse-proxy/docker-compose.yml similarity index 88% rename from examples/autoconf-reverse-proxy/docker-compose-apps.yml rename to examples/autoconf-reverse-proxy/docker-compose.yml index 56d93e687..4e003de13 100644 --- a/examples/autoconf-reverse-proxy/docker-compose-apps.yml +++ b/examples/autoconf-reverse-proxy/docker-compose.yml @@ -4,47 +4,44 @@ services: myapp1: build: js-app - restart: always + networks: + services-net: + aliases: + - myapp1 environment: - NODE_ENV=production labels: - "bunkerized-nginx.SERVER_NAME=app1.example.com" # replace with your domain - "bunkerized-nginx.REVERSE_PROXY_URL=/" - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp1:3000" - networks: - myappnet: - aliases: - - myapp1 myapp2: build: js-app - restart: always + networks: + services-net: + aliases: + - myapp2 environment: - NODE_ENV=production labels: - "bunkerized-nginx.SERVER_NAME=app2.example.com" # replace with your domain - "bunkerized-nginx.REVERSE_PROXY_URL=/" - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp2:3000" - networks: - myappnet: - aliases: - - myapp2 myapp3: build: js-app - restart: always + networks: + services-net: + aliases: + - myapp3 environment: - NODE_ENV=production labels: - "bunkerized-nginx.SERVER_NAME=app3.example.com" # replace with your domain - "bunkerized-nginx.REVERSE_PROXY_URL=/" - "bunkerized-nginx.REVERSE_PROXY_HOST=http://myapp3:3000" - networks: - myappnet: - aliases: - - myapp3 networks: - myphpnet: + services-net: external: - name: myphpnet + name: services-net diff --git a/examples/basic-website-with-php/docker-compose.yml b/examples/basic-website-with-php/docker-compose.yml index b3b154031..c6e003d20 100644 --- a/examples/basic-website-with-php/docker-compose.yml +++ b/examples/basic-website-with-php/docker-compose.yml @@ -4,7 +4,6 @@ services: mywww: image: bunkerity/bunkerized-nginx - restart: always depends_on: - myphp ports: diff --git a/examples/basic-website-with-php/variables.env b/examples/basic-website-with-php/variables.env index 715cae717..7bbf93405 100644 --- a/examples/basic-website-with-php/variables.env +++ b/examples/basic-website-with-php/variables.env @@ -6,5 +6,5 @@ REDIRECT_HTTP_TO_HTTPS=yes DISABLE_DEFAULT_SERVER=yes USE_CLIENT_CACHE=yes USE_GZIP=yes -REMOTE_PHP=localhost -REMOTE_PHP_PATH=/opt/bunkerized-nginx/www +LOCAL_PHP=/run/php/php7.3-fpm.sock +LOCAL_PHP_PATH=/opt/bunkerize-nginx/www diff --git a/examples/clamav/bunkerized-nginx-clamav b/examples/clamav/bunkerized-nginx-clamav new file mode 160000 index 000000000..a48ee83b9 --- /dev/null +++ b/examples/clamav/bunkerized-nginx-clamav @@ -0,0 +1 @@ +Subproject commit a48ee83b95a5f91cd7d7084b34068e6ecf28f23d diff --git a/examples/clamav/docker-compose.yml b/examples/clamav/docker-compose.yml index 0ad75b9c4..5a9220184 100644 --- a/examples/clamav/docker-compose.yml +++ b/examples/clamav/docker-compose.yml @@ -15,7 +15,7 @@ services: volumes: - ./web-files:/www:ro - ./letsencrypt:/etc/letsencrypt - - ./bunkerized-nginx-clamav:/plugins/clamav:ro # you will need to download the plugin see download-plugin.sh + - ./bunkerized-nginx-clamav:/plugins/clamav # you will need to download the plugin see download-plugin.sh environment: - SERVER_NAME=www.example.com # replace with your domain - AUTO_LETS_ENCRYPT=yes diff --git a/examples/kubernetes/README.md b/examples/kubernetes/README.md index c084ffc1b..0db9ede39 100644 --- a/examples/kubernetes/README.md +++ b/examples/kubernetes/README.md @@ -1,15 +1,11 @@ # Kubernetes -Various examples on how to use bunkerized-nginx within a Kubernetes cluster. See the [Kubernetes section of the documentation](#TODO) for more information. +Basic examples on how to use bunkerized-nginx within a Kubernetes cluster. See the [Kubernetes integration section of the documentation](https://bunkerized-nginx.readthedocs.io/en/latest/integrations.html#kubernetes) for more information. ## Architecture -## Configuration - -We will assume that you have setup the [bunkerized-nginx ingress controller](#TODO) inside your cluster. - ## Kubernetes See [ingress.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/kubernetes/ingress.yml), [php.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/kubernetes/php.yml) and [reverse-proxy.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/kubernetes/reverse-proxy.yml). diff --git a/examples/swarm-redis/README.md b/examples/swarm-redis/README.md index add0b60f2..57bbfbf2a 100644 --- a/examples/swarm-redis/README.md +++ b/examples/swarm-redis/README.md @@ -1,6 +1,6 @@ -# Swarm wit hredis +# Swarm with redis -Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm cluster and use redis to distribute the blacklists. See the [Docker Swarm](#TODO) section of the documentation for more information. +Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm cluster and use redis to distribute the blacklists. See the [Docker Swarm integration section of the documentation](https://bunkerized-nginx.readthedocs.io/en/latest/integrations.html#docker-swarm) for more information. ## Architecture @@ -11,8 +11,8 @@ Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm c This example uses two overlay networks needed by the services : ```shell -$ docker network create -d overlay --attachable net_config -$ docker network create -d overlay --attachable net_services +$ docker network create -d overlay --attachable config-net +$ docker network create -d overlay --attachable services-net ``` First you need to create the redis service : see [redis.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm-redis/redis.yml). diff --git a/examples/swarm-redis/nginx-autoconf.yml b/examples/swarm-redis/nginx-autoconf.yml index c55015dbb..e2a2371b3 100644 --- a/examples/swarm-redis/nginx-autoconf.yml +++ b/examples/swarm-redis/nginx-autoconf.yml @@ -18,7 +18,7 @@ services: - SWARM_MODE=yes - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from nginx networks: - - net_config + - config-net deploy: replicas: 1 placement: @@ -59,8 +59,8 @@ services: - DISABLE_DEFAULT_SERVER=yes - USE_CLIENT_CACHE=yes networks: - - net_config - - net_services + - config-net + - services-net deploy: mode: global placement: @@ -70,7 +70,9 @@ services: - "bunkerized-nginx.AUTOCONF" networks: - net_config: - external: true - net_services: - external: true + config-net: + external: + name: config-net + services-net: + external: + name: services-net diff --git a/examples/swarm-redis/redis.yml b/examples/swarm-redis/redis.yml index d02f8cd27..31e2307a6 100644 --- a/examples/swarm-redis/redis.yml +++ b/examples/swarm-redis/redis.yml @@ -5,7 +5,7 @@ services: redis: image: redis:alpine networks: - - net_config + - config-net deploy: replicas: 1 placement: @@ -13,5 +13,6 @@ services: - "node.role==worker" networks: - net_config: - external: true + config-net: + external: + name: config-net diff --git a/examples/swarm-redis/services.yml b/examples/swarm-redis/services.yml index f985a3522..3d75b59dc 100644 --- a/examples/swarm-redis/services.yml +++ b/examples/swarm-redis/services.yml @@ -7,7 +7,7 @@ services: volumes: - /shared/www/app1.example.com:/www networks: - - net_services + - services-net deploy: replicas: 1 placement: @@ -24,7 +24,7 @@ services: - PMA_ARBITRARY=1 - PMA_ABSOLUTE_URI=https://app2.example.com networks: - - net_services + - services-net deploy: replicas: 1 placement: @@ -38,5 +38,6 @@ services: - "bunkerized-nginx.REVERSE_PROXY_HOST=http://app2" networks: - net_services: - external: true + services-net: + external: + name: services-net diff --git a/examples/swarm/README.md b/examples/swarm/README.md index 6ea38dbff..133ea7581 100644 --- a/examples/swarm/README.md +++ b/examples/swarm/README.md @@ -1,6 +1,6 @@ # Swarm -Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm cluster. See the [Docker Swarm](#TODO) section of the documentation for more information. +Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm cluster. See the [Docker Swarm integration section of the documentation](https://bunkerized-nginx.readthedocs.io/en/latest/integrations.html#docker-swarm) for more information. ## Architecture @@ -8,13 +8,6 @@ Basic examples on how to deploy and use bunkerized-nginx within a Docker Swarm c ## Swarm -This example uses two overlay networks needed by the services : - -```shell -$ docker network create -d overlay --attachable net_config -$ docker network create -d overlay --attachable net_services -``` - -First you will need to setup bunkerized-nginx and the autoconf with Swarm mode activated : see [nginx-autoconf.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm/nginx-autoconf.yml). +We assume that you've installed bunkerized-nginx and the autoconf on service on your Docker Swarm cluster. Then you can add and delete your web services and autoconf will automatically generate the configuration based on your labels : see [services.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/swarm/services.yml). diff --git a/examples/swarm/nginx-autoconf.yml b/examples/swarm/nginx-autoconf.yml deleted file mode 100644 index 39c65cbee..000000000 --- a/examples/swarm/nginx-autoconf.yml +++ /dev/null @@ -1,74 +0,0 @@ -version: '3.8' - -services: - - autoconf: - image: bunkerity/bunkerized-nginx-autoconf - # bunkerized-nginx runs as an unprivileged user with UID/GID 101 - # don't forget to edit the permissions of the files and folders accordingly - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - - /shared/confs:/etc/nginx - - /shared/letsencrypt:/etc/letsencrypt - - /shared/acme-challenge:/acme-challenge - - /shared/cache:/cache - - /shared/modsec-confs:/modsec-confs:ro - - /shared/modsec-crs-confs:/modsec-crs-confs:ro - environment: - - SWARM_MODE=yes - - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from nginx - networks: - - net_config - deploy: - replicas: 1 - placement: - constraints: - - "node.role==manager" - - nginx: - image: bunkerity/bunkerized-nginx - ports: - - published: 80 - target: 8080 - mode: host - protocol: tcp - - published: 443 - target: 8443 - mode: host - protocol: tcp - # bunkerized-nginx runs as an unprivileged user with UID/GID 101 - # don't forget to edit the permissions of the files and folders accordingly - volumes: - - /shared/confs:/etc/nginx:ro - - /shared/letsencrypt:/etc/letsencrypt:ro - - /shared/acme-challenge:/acme-challenge:ro - - /shared/www:/www:ro - - /shared/cache:/cache:ro - - /shared/modsec-confs:/modsec-confs:ro - - /shared/modsec-crs-confs:/modsec-crs-confs:ro - environment: - - SWARM_MODE=yes - - USE_API=yes - - API_URI=/ChangeMeToSomethingHardToGuess # must match API_URI from autoconf - - MULTISITE=yes - - SERVER_NAME= - - AUTO_LETS_ENCRYPT=yes - - REDIRECT_HTTP_TO_HTTPS=yes - - DISABLE_DEFAULT_SERVER=yes - - USE_CLIENT_CACHE=yes - networks: - - net_config - - net_services - deploy: - mode: global - placement: - constraints: - - "node.role==worker" - labels: - - "bunkerized-nginx.AUTOCONF" - -networks: - net_config: - external: true - net_services: - external: true diff --git a/examples/swarm/services.yml b/examples/swarm/services.yml index f985a3522..3d75b59dc 100644 --- a/examples/swarm/services.yml +++ b/examples/swarm/services.yml @@ -7,7 +7,7 @@ services: volumes: - /shared/www/app1.example.com:/www networks: - - net_services + - services-net deploy: replicas: 1 placement: @@ -24,7 +24,7 @@ services: - PMA_ARBITRARY=1 - PMA_ABSOLUTE_URI=https://app2.example.com networks: - - net_services + - services-net deploy: replicas: 1 placement: @@ -38,5 +38,6 @@ services: - "bunkerized-nginx.REVERSE_PROXY_HOST=http://app2" networks: - net_services: - external: true + services-net: + external: + name: services-net diff --git a/examples/web-ui/README.md b/examples/web-ui/README.md index 7091d94bc..3924f8cfd 100644 --- a/examples/web-ui/README.md +++ b/examples/web-ui/README.md @@ -9,15 +9,3 @@ Use the web UI panel to configure your bunkerized-nginx instances. ## Docker See [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/web-ui/docker-compose.yml). - -## Linux - -TODO - -## Autoconf - -TODO - -## Swarm - -TODO