「🏗️」 wip: Added prodution option for CD
This commit is contained in:
@ -1,9 +1,22 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
if [ ! -v ${PRODUCTION} ]; then
|
||||||
if [ ! -f ${NGINX_SSL_KEY_FILE} ]; then
|
if [ ! -f ${NGINX_SSL_KEY_FILE} ]; then
|
||||||
echo "Generating certs"
|
echo "Generating certs"
|
||||||
mkdir -p /etc/nginx/ssl
|
mkdir -p /etc/nginx/ssl
|
||||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${NGINX_SSL_KEY_FILE} -out ${NGINX_SSL_CERT_FILE} -subj "/C=FR/ST=IDF/L=Angouleme/O=42/OU=42/CN=adjoly.42.fr/UID=adjoly"
|
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${NGINX_SSL_KEY_FILE} -out ${NGINX_SSL_CERT_FILE} -subj "/C=FR/ST=IDF/L=Angouleme/O=42/OU=42/CN=adjoly.42.fr/UID=adjoly"
|
||||||
else
|
else
|
||||||
printf "Key already exist not recreating\n"
|
printf "Key already exist not recreating\n"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
printf "Entering production mode for nginx"
|
||||||
|
INPUT_FILE="/etc/nginx/http.d/www.conf"
|
||||||
|
OUTPUT_FILE="/etc/nginx/http.d/www.conf"
|
||||||
|
sed -E '
|
||||||
|
s/listen\s+443 ssl;/listen 80;/;
|
||||||
|
s/server_name.*/&\n\tlisten 80;/;
|
||||||
|
/ssl_certificate/d;
|
||||||
|
/ssl_certificate_key/d;
|
||||||
|
/ssl_protocols/d;
|
||||||
|
/ssl_session_timeout/d;
|
||||||
|
' "$INPUT_FILE" > "$OUTPUT_FILE"
|
||||||
fi
|
fi
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
server {
|
server {
|
||||||
listen 443 ssl;
|
listen 443 ssl;
|
||||||
|
|
||||||
server_name adjoly.42.fr www.adjoly.42.fr;
|
server_name $NGINX_EXPOSED_HOSTS;
|
||||||
|
|
||||||
root /var/www/html;
|
root /var/www/html;
|
||||||
index index.php;
|
index index.php;
|
||||||
|
|||||||
@ -21,18 +21,29 @@ services:
|
|||||||
- NGINX_PHP_HOST=inception-wordp-php
|
- NGINX_PHP_HOST=inception-wordp-php
|
||||||
- NGINX_SSL_KEY_FILE=/etc/nginx/ssl/adjoly-wp.key
|
- NGINX_SSL_KEY_FILE=/etc/nginx/ssl/adjoly-wp.key
|
||||||
- NGINX_SSL_CERT_FILE=/etc/nginx/ssl/adjoly-wp.crt
|
- NGINX_SSL_CERT_FILE=/etc/nginx/ssl/adjoly-wp.crt
|
||||||
|
- NGINX_EXPOSED_HOSTS=adjoly.42.fr
|
||||||
depends_on:
|
depends_on:
|
||||||
wordpress-php:
|
wordpress-php:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
db:
|
db:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
volumes:
|
volumes:
|
||||||
- wp-site:/var/www/html
|
- wp-site:/var/www/html
|
||||||
- ./configs/nginx/templates:/etc/nginx/templates
|
- ./configs/nginx/templates:/etc/nginx/templates
|
||||||
- ./configs/nginx/entry:/docker-entrypoint.d
|
- ./configs/nginx/entry:/docker-entrypoint.d
|
||||||
ports:
|
ports:
|
||||||
- "443:443"
|
- "10443:443"
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.docker.network=traefik-back
|
||||||
|
|
||||||
|
- traefik.http.routers.inception.rule=Host(`inception.kanel.ovh`)
|
||||||
|
- traefik.http.routers.inception.entrypoints=websecure
|
||||||
|
- traefik.http.routers.inception.tls=true
|
||||||
|
- traefik.http.routers.inception.tls.certresolver=letsencrypt
|
||||||
|
- traefik.http.routers.inception.service=inception
|
||||||
|
- traefik.http.services.inception.loadbalancer.server.port=80
|
||||||
|
|
||||||
wordpress-php:
|
wordpress-php:
|
||||||
container_name: inception-wordp-php
|
container_name: inception-wordp-php
|
||||||
@ -43,7 +54,7 @@ services:
|
|||||||
- inception
|
- inception
|
||||||
depends_on:
|
depends_on:
|
||||||
db:
|
db:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
environment:
|
environment:
|
||||||
- PHP_MEMORY_LIMIT="512M"
|
- PHP_MEMORY_LIMIT="512M"
|
||||||
- PHP_MAX_UPLOAD="50M"
|
- PHP_MAX_UPLOAD="50M"
|
||||||
|
|||||||
Reference in New Issue
Block a user