forked from oscar.krause/fastapi-dls
docker-compose.yml - disabled internal ssl support
This commit is contained in:
parent
4325560ec4
commit
e8736c94ec
@ -2,13 +2,28 @@ version: '3.9'
|
|||||||
|
|
||||||
x-dls-variables: &dls-variables
|
x-dls-variables: &dls-variables
|
||||||
DLS_URL: localhost # REQUIRED, change to your ip or hostname
|
DLS_URL: localhost # REQUIRED, change to your ip or hostname
|
||||||
DLS_PORT: 443 # must match nginx listen port
|
DLS_PORT: 443 # must match nginx listen & exposed port
|
||||||
LEASE_EXPIRE_DAYS: 90
|
LEASE_EXPIRE_DAYS: 90
|
||||||
DATABASE: sqlite:////app/database/db.sqlite
|
DATABASE: sqlite:////app/database/db.sqlite
|
||||||
DEBUG: false
|
DEBUG: false
|
||||||
|
|
||||||
services:
|
services:
|
||||||
web:
|
dls:
|
||||||
|
image: collinwebdesigns/fastapi-dls:latest
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
<<: *dls-variables
|
||||||
|
volumes:
|
||||||
|
- /opt/docker/fastapi-dls/cert:/app/cert # instance.private.pem, instance.public.pem
|
||||||
|
- db:/app/database
|
||||||
|
entrypoint: ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000", "--app-dir", "/app", "--proxy-headers"]
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "curl", "--fail", "http://localhost:8000/-/health"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 3
|
||||||
|
start_period: 30s
|
||||||
|
proxy:
|
||||||
image: nginx
|
image: nginx
|
||||||
ports:
|
ports:
|
||||||
# thees are ports where nginx (!) is listen to
|
# thees are ports where nginx (!) is listen to
|
||||||
@ -17,14 +32,14 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- /opt/docker/fastapi-dls/cert:/opt/cert
|
- /opt/docker/fastapi-dls/cert:/opt/cert
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: [ "CMD", "curl", "--insecure", "--fail", "https://localhost/-/health" ]
|
test: ["CMD", "curl", "--insecure", "--fail", "https://localhost/-/health"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 3
|
retries: 3
|
||||||
start_period: 30s
|
start_period: 30s
|
||||||
command: |
|
command: |
|
||||||
bash -c 'bash -s <<"EOF"
|
bash -c "bash -s <<\"EOF\"
|
||||||
cat > /etc/nginx/nginx.conf <<"EON"
|
cat > /etc/nginx/nginx.conf <<\"EON\"
|
||||||
daemon off;
|
daemon off;
|
||||||
user root;
|
user root;
|
||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
@ -39,7 +54,7 @@ services:
|
|||||||
include /etc/nginx/mime.types;
|
include /etc/nginx/mime.types;
|
||||||
|
|
||||||
upstream dls-backend {
|
upstream dls-backend {
|
||||||
server dls:443;
|
server dls:8000; # must match dls listen port
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
@ -60,18 +75,17 @@ services:
|
|||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_ssl_verify off;
|
|
||||||
proxy_set_header Host $$http_host;
|
proxy_set_header Host $$http_host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $$scheme;
|
proxy_set_header X-Forwarded-Proto $$scheme;
|
||||||
proxy_pass https://dls-backend$$request_uri;
|
proxy_pass http://dls-backend$$request_uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
location = /-/health {
|
location = /-/health {
|
||||||
access_log off;
|
access_log off;
|
||||||
add_header 'Content-Type' 'application/json';
|
add_header 'Content-Type' 'application/json';
|
||||||
return 200; # '{\"status\":\"up\",\"service\":\"nginx\"}';
|
return 200 '{\"status\":\"up\",\"service\":\"nginx\"}';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -84,12 +98,11 @@ services:
|
|||||||
server_name _;
|
server_name _;
|
||||||
|
|
||||||
location /leasing/v1/lessor/shutdown {
|
location /leasing/v1/lessor/shutdown {
|
||||||
proxy_ssl_verify off;
|
|
||||||
proxy_set_header Host $$http_host;
|
proxy_set_header Host $$http_host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $$scheme;
|
proxy_set_header X-Forwarded-Proto $$scheme;
|
||||||
proxy_pass https://dls-backend/leasing/v1/lessor/shutdown;
|
proxy_pass http://dls-backend/leasing/v1/lessor/shutdown;
|
||||||
}
|
}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
@ -99,16 +112,7 @@ services:
|
|||||||
}
|
}
|
||||||
EON
|
EON
|
||||||
nginx
|
nginx
|
||||||
EOF'
|
EOF"
|
||||||
|
|
||||||
dls:
|
|
||||||
image: collinwebdesigns/fastapi-dls:latest
|
|
||||||
restart: always
|
|
||||||
environment:
|
|
||||||
<<: *dls-variables
|
|
||||||
volumes:
|
|
||||||
- /opt/docker/fastapi-dls/cert:/app/cert
|
|
||||||
- db:/app/database
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
db:
|
db:
|
||||||
|
Loading…
Reference in New Issue
Block a user