improve faq

This commit is contained in:
Christian Winther 2024-01-15 19:39:59 +00:00
parent 53eb9c11fc
commit 98660760c9
3 changed files with 28 additions and 18 deletions

View file

@ -952,4 +952,10 @@ DOCKER_WEB_PORT_EXTERNAL_HTTP="8080"
DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock" DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock"
# Prefix for container names (without any dash at the end) # Prefix for container names (without any dash at the end)
DOCKER_CONTAINER_NAME_PREFIX="${APP_DOMAIN}-" DOCKER_CONTAINER_NAME_PREFIX="${APP_DOMAIN}"
# Set this to a non-empty value (e.g. "disabled") to disable the [proxy] and [proxy-acme] service
DOCKER_PROXY_PROFILE=""
# Set this to a non-empty value (e.g. "disabled") to disable the [proxy-acme] service
DOCKER_PROXY_ACME_PROFILE="${DOCKER_PROXY_PROFILE}"

View file

@ -36,7 +36,7 @@ services:
container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme" container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme"
restart: unless-stopped restart: unless-stopped
profiles: profiles:
- ${DOCKER_PROXY_ACME_PROFILE:-$DOCKER_PROXY_PROFILE} - ${DOCKER_PROXY_ACME_PROFILE}
environment: environment:
DEBUG: 0 DEBUG: 0
DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}" DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}"
@ -57,9 +57,6 @@ services:
restart: unless-stopped restart: unless-stopped
build: build:
target: apache-runtime target: apache-runtime
deploy:
mode: replicated
replicas: 1
volumes: volumes:
- "./.env:/var/www/.env" - "./.env:/var/www/.env"
- "${DOCKER_DATA_ROOT}/pixelfed/cache:/var/www/bootstrap/cache" - "${DOCKER_DATA_ROOT}/pixelfed/cache:/var/www/bootstrap/cache"
@ -74,8 +71,8 @@ services:
com.github.nginx-proxy.nginx-proxy.keepalive: 30 com.github.nginx-proxy.nginx-proxy.keepalive: 30
com.github.nginx-proxy.nginx-proxy.http2.enable: true com.github.nginx-proxy.nginx-proxy.http2.enable: true
com.github.nginx-proxy.nginx-proxy.http3.enable: true com.github.nginx-proxy.nginx-proxy.http3.enable: true
# ports: ports:
# - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80" - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80"
depends_on: depends_on:
- db - db
- redis - redis

View file

@ -2,18 +2,25 @@
## I already have a Proxy, how do I disable the included one? ## I already have a Proxy, how do I disable the included one?
No problem! All you have to do is No problem! All you have to do is:
1. *Comment out* (or delete) the `proxy` and `proxy-acme` services in `docker-compose.yml` 1. Change the `DOCKER_PROXY_PROFILE` key/value pair in your `.env` file to `"disabled"`.
1. *Uncomment* the `ports` block for the `web` servince in `docker-compose.yml` * This disables the `proxy` *and* `proxy-acme` services in `docker-compose.yml`.
1. Change the `DOCKER_WEB_PORT_EXTERNAL_HTTP` setting in your `.env` if you want to change the port from the default `8080` * The setting is near the bottom of the file.
1. Point your proxy upstream to the exposed `web` port. 1. Point your proxy upstream to the exposed `web` port (**Default**: `8080`).
* The port is controlled by the `DOCKER_WEB_PORT_EXTERNAL_HTTP` key in `.env`.
* The setting is near the bottom of the file.
## I already have a SSL certificate, how do I use it? ## I already have a SSL certificate, how do I use it?
1. *Comment out* (or delete) the `proxy-acme` service in `docker-compose.yml` 1. Change the `DOCKER_PROXY_ACME_PROFILE` key/value pair in your `.env` file to `"disabled"`.
1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs/${APP_DOMAIN}/`. The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses) * This disabled the `proxy-acme` service in `docker-compose.yml`.
1. `cert.pem` * It does *not* disable the `proxy` service.
1. `chain.pem` 1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs` (e.g. `./docker-compose/config/proxy/certs`)
1. `fullchain.pem` * You may need to create this folder manually if it does not exists.
1. `key.pem` * The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses)
1. `${APP_DOMAIN}.cert.pem`
1. `${APP_DOMAIN}.chain.pem`
1. `${APP_DOMAIN}.fullchain.pem`
1. `${APP_DOMAIN}.key.pem`
* See the [`nginx-proxy` configuration file for name patterns](https://github.com/nginx-proxy/nginx-proxy/blob/main/nginx.tmpl#L659-L670)