This commit is contained in:
Christian Winther 2024-01-15 19:20:22 +00:00
parent 903aeb7608
commit 53eb9c11fc
4 changed files with 32 additions and 2 deletions

View file

@ -939,12 +939,15 @@ DOCKER_REDIS_PORT_EXTERNAL="${REDIS_PORT}"
# Use "3306" for MySQL/MariaDB and "5432" for PostgreeSQL # Use "3306" for MySQL/MariaDB and "5432" for PostgreeSQL
DOCKER_DB_PORT_EXTERNAL="${DB_PORT}" DOCKER_DB_PORT_EXTERNAL="${DB_PORT}"
# Port that the web will listen on *outside* the container (e.g. the host machine) for HTTP traffic # Port that the [proxy] will listen on *outside* the container (e.g. the host machine) for HTTP traffic
DOCKER_PROXY_PORT_EXTERNAL_HTTP="80" DOCKER_PROXY_PORT_EXTERNAL_HTTP="80"
# Port that the web will listen on *outside* the container (e.g. the host machine) for HTTPS traffic # Port that the [proxy] will listen on *outside* the container (e.g. the host machine) for HTTPS traffic
DOCKER_PROXY_PORT_EXTERNAL_HTTPS="443" DOCKER_PROXY_PORT_EXTERNAL_HTTPS="443"
# Port to expose [web] container will listen on *outside* the container (e.g. the host machine) for *HTTP* traffic only
DOCKER_WEB_PORT_EXTERNAL_HTTP="8080"
# Path to the Docker socket on the *host* # Path to the Docker socket on the *host*
DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock" DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock"

View file

@ -16,6 +16,8 @@ services:
image: nginxproxy/nginx-proxy:1.4 image: nginxproxy/nginx-proxy:1.4
container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy" container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy"
restart: unless-stopped restart: unless-stopped
profiles:
- ${DOCKER_PROXY_PROFILE}
volumes: volumes:
- "${DOCKER_HOST_SOCKET_PATH}:/tmp/docker.sock:ro" - "${DOCKER_HOST_SOCKET_PATH}:/tmp/docker.sock:ro"
- "${DOCKER_CONFIG_ROOT}/proxy/conf.d:/etc/nginx/conf.d" - "${DOCKER_CONFIG_ROOT}/proxy/conf.d:/etc/nginx/conf.d"
@ -33,6 +35,8 @@ services:
image: nginxproxy/acme-companion image: nginxproxy/acme-companion
container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme" container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme"
restart: unless-stopped restart: unless-stopped
profiles:
- ${DOCKER_PROXY_ACME_PROFILE:-$DOCKER_PROXY_PROFILE}
environment: environment:
DEBUG: 0 DEBUG: 0
DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}" DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}"
@ -70,6 +74,8 @@ services:
com.github.nginx-proxy.nginx-proxy.keepalive: 30 com.github.nginx-proxy.nginx-proxy.keepalive: 30
com.github.nginx-proxy.nginx-proxy.http2.enable: true com.github.nginx-proxy.nginx-proxy.http2.enable: true
com.github.nginx-proxy.nginx-proxy.http3.enable: true com.github.nginx-proxy.nginx-proxy.http3.enable: true
# ports:
# - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80"
depends_on: depends_on:
- db - db
- redis - redis

View file

@ -1,6 +1,8 @@
# Pixelfed + Docker + Docker Compose # Pixelfed + Docker + Docker Compose
* [Setting up a new Pixelfed server with Docker Compose](new-server.md) * [Setting up a new Pixelfed server with Docker Compose](new-server.md)
* [I already have a SSL certificate, how do I use it?](faq.md#i-already-have-a-proxy-how-do-i-disable-the-included-one)
* [I already have an proxy / how do I disable the Nginx proxy](faq.md#i-already-have-a-ssl-certificate-how-do-i-use-it)
* [Understanding Pixelfed Container runtimes (Apache, FPM, Nginx + FPM)](runtimes.md) * [Understanding Pixelfed Container runtimes (Apache, FPM, Nginx + FPM)](runtimes.md)
* [Apache](runtimes.md#apache) * [Apache](runtimes.md#apache)
* [FPM](runtimes.md#fpm) * [FPM](runtimes.md#fpm)

19
docker/faq.md Normal file
View file

@ -0,0 +1,19 @@
# Pixelfed Docker FAQ
## I already have a Proxy, how do I disable the included one?
No problem! All you have to do is
1. *Comment out* (or delete) the `proxy` and `proxy-acme` services in `docker-compose.yml`
1. *Uncomment* the `ports` block for the `web` servince in `docker-compose.yml`
1. Change the `DOCKER_WEB_PORT_EXTERNAL_HTTP` setting in your `.env` if you want to change the port from the default `8080`
1. Point your proxy upstream to the exposed `web` port.
## I already have a SSL certificate, how do I use it?
1. *Comment out* (or delete) the `proxy-acme` service in `docker-compose.yml`
1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs/${APP_DOMAIN}/`. The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses)
1. `cert.pem`
1. `chain.pem`
1. `fullchain.pem`
1. `key.pem`