diff --git a/.gitignore b/.gitignore index 1bbaf24..9460742 100755 --- a/.gitignore +++ b/.gitignore @@ -30,8 +30,6 @@ Splunk/opt-splunk-var/* *.log -etc/nginx/default.conf - etc/logs/nginx/*.log etc/logs/letsencrypt/* etc/ghost/logs/*.log diff --git a/docker-compose.yml b/docker-compose.yml index aab6a6d..c559330 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -77,8 +77,8 @@ services: ports: - "127.0.0.1:2368:2368" restart: always - #env_file: - # - ".env" + env_file: + - ".env" volumes: - "./etc/ghost/content:/var/lib/ghost/content" environment: @@ -89,6 +89,8 @@ services: - database__connection__password=root - database__connection__database=ghost - privacy__useUpdateCheck=false + depends_on: + - mysqldb php: image: nanoninja/php-fpm:7.2 diff --git a/etc/nginx/HTTPS_default.conf.BAK b/etc/nginx/HTTPS_default.conf.BAK index a3687dd..e120cc8 100755 --- a/etc/nginx/HTTPS_default.conf.BAK +++ b/etc/nginx/HTTPS_default.conf.BAK @@ -36,12 +36,9 @@ server { ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 1.1.1.1; -# ssl_certificate /etc/letsencrypt/live/openrsc.com/fullchain.pem; -# ssl_certificate_key /etc/letsencrypt/live/openrsc.com/privkey.pem; -# ssl_trusted_certificate /etc/letsencrypt/live/openrsc.com/chain.pem; -ssl_certificate /etc/letsencrypt/live/localhost/selfsigned.crt; -ssl_certificate_key /etc/letsencrypt/live/localhost/selfsigned.key; -ssl_trusted_certificate /etc/letsencrypt/live/localhost/dhparam.pem; + ssl_certificate /etc/letsencrypt/live/openrsc.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/openrsc.com/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/openrsc.com/chain.pem; root /app; index index.jsp index.html index.htm; diff --git a/etc/nginx/default.conf b/etc/nginx/default.conf new file mode 100755 index 0000000..4bd4630 --- /dev/null +++ b/etc/nginx/default.conf @@ -0,0 +1,53 @@ +upstream tomcat { + server tomcat:8080; +} + +upstream ghost { + server ghost:2368; +} + +# HTTP +server { + listen 80 default_server; + listen [::]:80 default_server ipv6only=on; + server_name ${NGINX_HOST}; + + error_log /var/log/nginx/error.log; + access_log /var/log/nginx/access.log; + + root /app; + index index.jsp index.html index.htm; + + client_max_body_size 100M; + + location / { + root /var/www/html; + } + + ####### Proxies ####### +# # PHP proxy +# location /board { +# fastcgi_pass php:9001; +# fastcgi_index index.php; +# include fastcgi.conf; +# root /app; +# } + + # Ghost proxy + location /blog { + proxy_pass http://ghost; + proxy_set_header Host $http_host; # required for docker client's sake + proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 900; + } + + # Tomcat proxy + location ~ \.jsp$ { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://tomcat; + } +}