diff --git a/docker-compose.yml b/docker-compose.yml index 30e0535..c1bfea7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,19 @@ services: container_name: nginx-reverse-proxy ports: - "80:80" + - "443:443" volumes: - ./nginx.conf:/etc/nginx/nginx.conf + - ./certs:/etc/letsencrypt + - ./html:/var/www/html restart: always + + certbot: + image: certbot/certbot + container_name: certbot + volumes: + - ./certs:/etc/letsencrypt + - ./html:/var/www/html + command: certonly --webroot --webroot-path=/var/www/html --email prbigoon@gmail.com --agree-tos --staged --no-eff-email -d git.evil-bird.ru + depends_on: + - nginx diff --git a/nginx.conf b/nginx.conf index 51b5ea0..90a5bdb 100644 --- a/nginx.conf +++ b/nginx.conf @@ -5,6 +5,22 @@ http { listen 80; server_name git.evil-bird.ru; + location /.well-known/acme-challenge/ { + root /var/www/html; + } + + location / { + return 301 https://$host$request_uri; + } + } + + server { + listen 443 ssl; + server_name git.evil-bird.ru; + + ssl_certificate /etc/letsencrypt/live/git.evil-bird.ru/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/git.evil-bird.ru/privkey.pem; + location / { proxy_pass http://10.10.1.10:3000; proxy_set_header Host $host; @@ -13,4 +29,4 @@ http { proxy_set_header X-Forwarded-Proto $scheme; } } -} +} \ No newline at end of file