aboutsummaryrefslogtreecommitdiffhomepage
path: root/support/docker
diff options
context:
space:
mode:
Diffstat (limited to 'support/docker')
-rw-r--r--support/docker/production/docker-compose.traefik.yml27
-rw-r--r--support/docker/production/docker-compose.yml32
-rw-r--r--support/docker/production/entrypoint.nginx.sh10
3 files changed, 37 insertions, 32 deletions
diff --git a/support/docker/production/docker-compose.traefik.yml b/support/docker/production/docker-compose.traefik.yml
new file mode 100644
index 000000000..bbea75783
--- /dev/null
+++ b/support/docker/production/docker-compose.traefik.yml
@@ -0,0 +1,27 @@
1version: "3.3"
2
3services:
4
5 # The reverse-proxy only does SSL termination and automatic certificate generation. You can
6 # replace it with any other reverse-proxy, in which case you can remove 'traefik.*' labels.
7 reverse-proxy:
8 image: traefik:v1.7
9 network_mode: "host"
10 command:
11 - "--docker" # Tells Træfik to listen to docker
12 - "--acme.email=${TRAEFIK_ACME_EMAIL}" # Let's Encrypt ACME email
13 - "--acme.domains=${TRAEFIK_ACME_DOMAINS}" # Let's Encrypt ACME domain list
14 ports:
15 - "80:80" # serving HTTP
16 - "443:443" # serving HTTPS
17 volumes:
18 - /var/run/docker.sock:/var/run/docker.sock # So that Træfik can listen to the Docker events
19 - ./docker-volume/traefik/acme.json:/etc/acme.json
20 - ./docker-volume/traefik/traefik.toml:/traefik.toml
21 restart: "always"
22
23 webserver:
24 labels:
25 traefik.enable: "true"
26 traefik.frontend.rule: "Host:${PEERTUBE_WEBSERVER_HOSTNAME}"
27 traefik.port: "80"
diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml
index 51de964e8..d17dbd0df 100644
--- a/support/docker/production/docker-compose.yml
+++ b/support/docker/production/docker-compose.yml
@@ -2,27 +2,9 @@ version: "3.3"
2 2
3services: 3services:
4 4
5 # The reverse-proxy only does SSL termination and automatic certificate generation. You can
6 # replace it with any other reverse-proxy, in which case you can remove 'traefik.*' labels.
7 reverse-proxy:
8 image: traefik:v1.7
9 network_mode: "host"
10 command:
11 - "--docker" # Tells Træfik to listen to docker
12 - "--acme.email=${TRAEFIK_ACME_EMAIL}" # Let's Encrypt ACME email
13 - "--acme.domains=${TRAEFIK_ACME_DOMAINS}" # Let's Encrypt ACME domain list
14 ports:
15 - "80:80" # The HTTP port
16 - "443:443" # The HTTPS port
17 volumes:
18 - /var/run/docker.sock:/var/run/docker.sock # So that Træfik can listen to the Docker events
19 - ./docker-volume/traefik/acme.json:/etc/acme.json
20 - ./docker-volume/traefik/traefik.toml:/traefik.toml
21 restart: "always"
22
23 # The webserver is not required, but recommended since a lot of optimizations went to its 5 # The webserver is not required, but recommended since a lot of optimizations went to its
24 # nginx configuration file. It runs the default nginx configuration without HTTPS nor SSL, 6 # nginx configuration file. It runs the default nginx configuration without HTTPS nor SSL,
25 # so use it in production in tandem with an SSL-terminating reverse-proxy like above. 7 # so use it in production in tandem with an SSL-terminating reverse-proxy.
26 webserver: 8 webserver:
27 build: 9 build:
28 context: . 10 context: .
@@ -31,7 +13,7 @@ services:
31 - .env 13 - .env
32 # If you provide your own reverse-proxy, otherwise not suitable for production: 14 # If you provide your own reverse-proxy, otherwise not suitable for production:
33 #ports: 15 #ports:
34 # - "80:80" 16 # - "9000:80" # serving HTTP
35 volumes: 17 volumes:
36 - type: bind 18 - type: bind
37 # Switch sources if you downloaded the nginx configuration without the whole repository 19 # Switch sources if you downloaded the nginx configuration without the whole repository
@@ -43,10 +25,6 @@ services:
43 depends_on: 25 depends_on:
44 - peertube 26 - peertube
45 restart: "always" 27 restart: "always"
46 labels:
47 traefik.enable: "true"
48 traefik.frontend.rule: "Host:${PEERTUBE_WEBSERVER_HOSTNAME}"
49 traefik.port: "80"
50 28
51 peertube: 29 peertube:
52 # If you don't want to use the official image and build one from sources: 30 # If you don't want to use the official image and build one from sources:
@@ -58,7 +36,7 @@ services:
58 - .env 36 - .env
59 # If you provide your own webserver and reverse-proxy, otherwise not suitable for production: 37 # If you provide your own webserver and reverse-proxy, otherwise not suitable for production:
60 #ports: 38 #ports:
61 # - "80:9000" 39 # - "80:9000" # serving HTTP
62 volumes: 40 volumes:
63 - assets:/app/client/dist 41 - assets:/app/client/dist
64 - ./docker-volume/data:/data 42 - ./docker-volume/data:/data
@@ -70,7 +48,7 @@ services:
70 restart: "always" 48 restart: "always"
71 49
72 postgres: 50 postgres:
73 image: postgres:12-alpine 51 image: postgres:10-alpine
74 env_file: 52 env_file:
75 - .env 53 - .env
76 volumes: 54 volumes:
@@ -96,7 +74,7 @@ networks:
96 ipam: 74 ipam:
97 driver: default 75 driver: default
98 config: 76 config:
99 - subnet: 172.18.0.0/16 77 - subnet: 172.18.0.0/16
100 78
101volumes: 79volumes:
102 assets: 80 assets:
diff --git a/support/docker/production/entrypoint.nginx.sh b/support/docker/production/entrypoint.nginx.sh
index 903806936..4d2ead966 100644
--- a/support/docker/production/entrypoint.nginx.sh
+++ b/support/docker/production/entrypoint.nginx.sh
@@ -1,15 +1,15 @@
1#!/bin/sh 1#!/bin/sh
2set -e 2set -e
3 3
4# Process nginx template 4# Process the nginx template
5SOURCE="/etc/nginx/conf.d/peertube.template" 5SOURCE_FILE="/etc/nginx/conf.d/peertube.template"
6TARGET="/etc/nginx/conf.d/default.conf" 6TARGET_FILE="/etc/nginx/conf.d/default.conf"
7export WEBSERVER_HOST="default_server" 7export WEBSERVER_HOST="default_server"
8export PEERTUBE_HOST="peertube:9000" 8export PEERTUBE_HOST="peertube:9000"
9 9
10envsubst '${WEBSERVER_HOST} ${PEERTUBE_HOST}' < $SOURCE > $TARGET 10envsubst '${WEBSERVER_HOST} ${PEERTUBE_HOST}' < $SOURCE_FILE > $TARGET_FILE
11 11
12# Remove HTTPS/SSL from nginx conf 12# Remove HTTPS/SSL from nginx conf
13sed -i 's/443 ssl http2/80/g;/ssl_/d' $TARGET 13sed -i 's/443 ssl http2/80/g;/ssl_/d' $TARGET_FILE
14 14
15nginx -g "daemon off;" \ No newline at end of file 15nginx -g "daemon off;" \ No newline at end of file