M docker-compose.production.yml => docker-compose.production.yml +14 -13
@@ 1,23 1,21 @@
services:
nginx:
image: nginx:1.21
- networks:
- default:
- spittle:
- aliases:
- - kvikshaug
volumes:
- "./nginx.conf:/etc/nginx/nginx.conf:ro"
- "./assets:/assets:ro"
- "./.well-known:/.well-known:ro"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.services.kvikshaug-static.loadBalancer.server.port=80"
+ - "traefik.http.routers.kvikshaug-static.rule=Host(`kvikshaug.no`) && (PathPrefix(`/assets`) || PathPrefix(`/.well-known`))"
+ - "traefik.http.routers.kvikshaug-static.entryPoints=websecure"
+ - "traefik.http.routers.kvikshaug-static.tls=true"
+ - "traefik.http.routers.kvikshaug-static.tls.certresolver=letsencrypt"
web:
build: .
image: kvikshaug.no
- networks:
- default:
- aliases:
- - kvikshaug
volumes:
- ".:/app"
environment:
@@ 25,6 23,13 @@ services:
- FLASK_SKIP_DOTENV=1
- SECRET_KEY=${SECRET_KEY}
command: gunicorn -c gunicorn.py kvikshaug.wsgi:app
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.services.kvikshaug.loadBalancer.server.port=8000"
+ - "traefik.http.routers.kvikshaug.rule=Host(`kvikshaug.no`)"
+ - "traefik.http.routers.kvikshaug.entryPoints=websecure"
+ - "traefik.http.routers.kvikshaug.tls=true"
+ - "traefik.http.routers.kvikshaug.tls.certresolver=letsencrypt"
sass:
image: kvikshaug.no
@@ 37,7 42,3 @@ services:
volumes:
- ".:/app"
command: babel --verbose js -d assets/js
-
-networks:
- spittle:
- external: true
M nginx.conf => nginx.conf +0 -12
@@ 21,21 21,9 @@ http {
gzip_vary on;
gzip_types application/atom+xml application/geo+json application/javascript application/x-javascript application/json application/ld+json application/manifest+json application/rdf+xml application/rss+xml application/vnd.ms-fontobject application/wasm application/x-web-app-manifest+json application/xhtml+xml application/xml font/eot font/otf font/ttf image/bmp image/svg+xml image/vnd.microsoft.icon image/x-icon text/cache-manifest text/calendar text/css text/javascript text/markdown text/plain text/xml text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
- upstream kvikshaug {
- server kvikshaug:8000;
- }
-
server {
listen 80 default_server;
- location / {
- proxy_pass http://kvikshaug;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
-
location /assets {
expires 0;
alias /assets;