From ee1c9899c981d1785e1ced8e64548cccb130622a Mon Sep 17 00:00:00 2001 From: sahil-sagwekar2652 Date: Wed, 10 Jan 2024 12:45:54 +0530 Subject: [PATCH] add certbot + nginx.conf --- docker-compose.yaml | 15 +++++++++++++-- nginx/Dockerfile | 4 ---- nginx/nginx.conf | 24 ++++++++++++++++++++++-- 3 files changed, 35 insertions(+), 8 deletions(-) delete mode 100644 nginx/Dockerfile diff --git a/docker-compose.yaml b/docker-compose.yaml index b0f9936..9173f13 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -2,12 +2,23 @@ services: nginx: depends_on: - flask_blog - build: - nginx + - certbot + image: nginx:stable + restart: always links: - flask_blog ports: - 80:80 + - 443:443 + volumes: + - ./nginx/:/etc/nginx/conf.d/:ro + - ./certbot/www:/var/www/certbot/:ro + + certbot: + image: certbot/certbot:latest + volumes : + - ./certbot/www:/var/www/certbot/:rw + - ./certbot/conf/:/etc/letsencrypt/:rw db: image: postgres:12-bullseye diff --git a/nginx/Dockerfile b/nginx/Dockerfile deleted file mode 100644 index 4689f5d..0000000 --- a/nginx/Dockerfile +++ /dev/null @@ -1,4 +0,0 @@ -FROM nginx:stable - -RUN rm /etc/nginx/conf.d/default.conf -COPY nginx.conf /etc/nginx/conf.d diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 98c2dbe..06867cb 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -3,8 +3,29 @@ upstream flask_blog { } server { - listen 80; + listen [::]:80; + + server_name blog.sahilsagwekar.co; + server_tokens off; + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } + + location / { + return 301 https://blog.sahilsagwekar.co$request_uri; + } +} + +server { + listen 443 default_server ssl http2; + listen [::]:443 ssl http2; + + server_name blog.sahilsagwekar.co; + + ssl_certificate /etc/nginx/ssl/live/blog.sahilsagwekar.co/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/live/blog.sahilsagwekar.co/privkey.pem; location / { proxy_pass http://flask_blog; @@ -12,5 +33,4 @@ server { proxy_set_header Host $host; proxy_redirect off; } - }