Merge pull request #11 from birjolaxew/master

Add configuration for various reverse proxies
This commit is contained in:
Uku Taht 2020-11-05 13:58:00 +02:00 committed by GitHub
commit 5b9e8c9e8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 77 additions and 1 deletions

View File

@ -28,7 +28,7 @@ services:
- plausible_events_db - plausible_events_db
- mail - mail
ports: ports:
- 80:8000 - 8000:8000
env_file: env_file:
- plausible-conf.env - plausible-conf.env

35
reverse-proxy/README.md Normal file
View File

@ -0,0 +1,35 @@
This directory contains pre-made configurations for various reverse proxies. Which flavor you should choose depends on your setup.
## No existing reverse proxy
If you aren't running an existing reverse proxy, then you can use the [`caddy-gen`](https://github.com/wemake-services/caddy-gen) based docker-compose file. Update it to include the domain name you use for your server, then combine it with the existing docker-compose files:
```shell
$ docker-compose -f docker-compose.yml -f reverse-proxy/docker-compose.caddy-gen.yml up
```
## Existing reverse proxy
If you are already running a reverse proxy, then the above will not work as it will clash with the existing port bindings. You should instead use one of the available configuration files:
### NGINX
If you already have NGINX running as a system service, use the configuration file in the `nginx` directory.
Edit the file `reverse-proxy/nginx/plausible` to contain the domain name you use for your server, then copy it into NGINX's configuration folder. Enable it by creating a symlink in NGINX's enabled sites folder. Finally use Certbot to create a TLS certificate for your site:
```shell
$ sudo cp reverse-proxy/nginx/plausible /etc/nginx/sites-available
$ sudo ln -s /etc/nginx/sites-available/plausible /etc/nginx/sites-enabled/plausible
$ sudo certbot --nginx
```
### Traefik 2
If you already have a Traefik container running on Docker, use the docker-compose file in the `traefik` directory. Note that it assumes that your Traefik container is set up to support certificate generation.
Edit the file `reverse-proxy/traefik/docker-compose.traefik.yml` to contain the domain name you use for your server, then combine it with the existing docker-compose files:
```shell
$ docker-compose -f docker-compose.yml -f reverse-proxy/traefik/docker-compose.traefik.yml up
```

View File

@ -0,0 +1,24 @@
version: "3.3"
services:
caddy-gen:
container_name: caddy-gen
image: "wemakeservices/caddy-gen:latest"
restart: always
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- caddy-certificates:/data/caddy
ports:
- "80:80"
- "443:443"
depends_on:
- plausible
plausible:
labels:
virtual.host: "example.com" # change to your domain name
virtual.port: "8000"
virtual.tls-email: "admin@example.com" # change to your email
volumes:
caddy-certificates:
driver: local

View File

@ -0,0 +1,9 @@
server {
# replace example.com with your domain name
server_name example.com;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

View File

@ -0,0 +1,8 @@
version: "3.3"
services:
plausible:
labels:
traefik.enable: "true"
traefik.http.routers.plausible.rule: "Host(`example.com`)" # change to your domain name
traefik.http.routers.plausible.entrypoints: "websecure"
traefik.http.services.plausible.loadbalancer.server.port: "8000"