Browse Source
Merge branch 'new/remove-https'
feature/lndseedbackup
nicolas.dorier
5 years ago
No known key found for this signature in database
GPG Key ID: 6618763EF09186FE
3 changed files with
20 additions and
10 deletions
-
Production/nginx.tmpl
-
docker-compose-generator/docker-fragments/nginx-https.yml
-
docker-compose-generator/docker-fragments/nginx.yml
|
|
|
@ -272,15 +272,18 @@ server { |
|
|
|
{{/* Get the first cert name defined by containers w/ the same vhost */}} |
|
|
|
{{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }} |
|
|
|
|
|
|
|
{{/* Get the best matching cert by name for the vhost. */}} |
|
|
|
{{ $vhostCert := (closest (dir "/etc/nginx/certs") (printf "%s.crt" $host))}} |
|
|
|
{{ $cert := "" }} |
|
|
|
{{ if exists "/etc/nginx/certs" }} |
|
|
|
{{/* Get the best matching cert by name for the vhost. */}} |
|
|
|
{{ $vhostCert := (closest (dir "/etc/nginx/certs") (printf "%s.crt" $host))}} |
|
|
|
|
|
|
|
{{/* vhostCert is actually a filename so remove any suffixes since they are added later */}} |
|
|
|
{{ $vhostCert := trimSuffix ".crt" $vhostCert }} |
|
|
|
{{ $vhostCert := trimSuffix ".key" $vhostCert }} |
|
|
|
{{/* vhostCert is actually a filename so remove any suffixes since they are added later */}} |
|
|
|
{{ $vhostCert := trimSuffix ".crt" $vhostCert }} |
|
|
|
{{ $vhostCert := trimSuffix ".key" $vhostCert }} |
|
|
|
|
|
|
|
{{/* Use the cert specified on the container or fallback to the best vhost match */}} |
|
|
|
{{ $cert := (coalesce $certName $vhostCert) }} |
|
|
|
{{/* Use the cert specified on the container or fallback to the best vhost match */}} |
|
|
|
{{ $cert = (coalesce $certName $vhostCert) }} |
|
|
|
{{ end }} |
|
|
|
|
|
|
|
{{ $is_https := (and (ne $https_method "nohttps") (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) }} |
|
|
|
|
|
|
|
|
|
|
|
@ -17,3 +17,13 @@ services: |
|
|
|
ACME_CA_URI: ${ACME_CA_URI:-staging} |
|
|
|
links: |
|
|
|
- nginx-gen |
|
|
|
|
|
|
|
nginx: |
|
|
|
ports: |
|
|
|
- "${REVERSEPROXY_HTTPS_PORT:-443}:443" |
|
|
|
volumes: |
|
|
|
- "nginx_certs:/etc/nginx/certs:ro" |
|
|
|
|
|
|
|
nginx-gen: |
|
|
|
volumes: |
|
|
|
- "nginx_certs:/etc/nginx/certs:ro" |
|
|
|
@ -7,12 +7,10 @@ services: |
|
|
|
container_name: nginx |
|
|
|
ports: |
|
|
|
- "${REVERSEPROXY_HTTP_PORT:-80}:80" |
|
|
|
- "${REVERSEPROXY_HTTPS_PORT:-443}:443" |
|
|
|
volumes: |
|
|
|
- "nginx_conf:/etc/nginx/conf.d" |
|
|
|
- "nginx_vhost:/etc/nginx/vhost.d" |
|
|
|
- "nginx_html:/usr/share/nginx/html" |
|
|
|
- "nginx_certs:/etc/nginx/certs:ro" |
|
|
|
nginx-gen: |
|
|
|
restart: unless-stopped |
|
|
|
image: btcpayserver/docker-gen:0.7.6 |
|
|
|
@ -25,7 +23,6 @@ services: |
|
|
|
- "nginx_conf:/etc/nginx/conf.d" |
|
|
|
- "nginx_vhost:/etc/nginx/vhost.d" |
|
|
|
- "nginx_html:/usr/share/nginx/html" |
|
|
|
- "nginx_certs:/etc/nginx/certs:ro" |
|
|
|
entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf |
|
|
|
links: |
|
|
|
- btcpayserver |
|
|
|
|
