42 lines
1.1 KiB
YAML
42 lines
1.1 KiB
YAML
# SSL overlay — adds Nginx reverse proxy + Certbot for Let's Encrypt
|
|
# Usage: docker compose -f docker-compose.yml -f docker-compose.ssl.yml up -d
|
|
|
|
services:
|
|
nginx:
|
|
image: nginx:alpine
|
|
container_name: it0-nginx
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
|
- ./nginx/ssl-params.conf:/etc/nginx/ssl-params.conf:ro
|
|
- certbot_webroot:/var/www/certbot:ro
|
|
- certbot_certs:/etc/letsencrypt:ro
|
|
depends_on:
|
|
- api-gateway
|
|
- web-admin
|
|
networks:
|
|
- it0-network
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "nginx", "-t"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
certbot:
|
|
image: certbot/certbot
|
|
container_name: it0-certbot
|
|
volumes:
|
|
- certbot_webroot:/var/www/certbot
|
|
- certbot_certs:/etc/letsencrypt
|
|
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew --webroot -w /var/www/certbot --quiet; sleep 12h & wait $${!}; done'"
|
|
networks:
|
|
- it0-network
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
certbot_webroot:
|
|
certbot_certs:
|