From f985d9e8275440459ec07cea6741239a3626522e Mon Sep 17 00:00:00 2001 From: admin Date: Tue, 5 Aug 2025 23:21:13 +0300 Subject: [PATCH] update Docker and Nginx configuration to support Certbot for SSL certificate management --- certbot/conf/.gitkeep | 0 certbot/www/.gitkeep | 0 config/nginx/nginx.conf | 9 ++++++++- docker-compose.yml | 17 ++++++++++++++++- 4 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 certbot/conf/.gitkeep create mode 100644 certbot/www/.gitkeep diff --git a/certbot/conf/.gitkeep b/certbot/conf/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/certbot/www/.gitkeep b/certbot/www/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/config/nginx/nginx.conf b/config/nginx/nginx.conf index 6ba6ed8..0fd46cd 100644 --- a/config/nginx/nginx.conf +++ b/config/nginx/nginx.conf @@ -15,7 +15,10 @@ upstream frontend server { - listen 80; server_name crm.logidex.ru; + listen 80; + + server_tokens off; + server_name crm.logidex.ru www.crm.logidex.ru; gzip on; gzip_proxied any; gzip_comp_level 4; @@ -64,4 +67,8 @@ server proxy_cache_valid 60m; proxy_pass http://frontend; } + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } } \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index d077fab..bb80155 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,7 @@ services: - appnet restart: unless-stopped nginx: - image: nginx:latest + image: nginx:alpine-slim ports: - "80:80" - "443:443" @@ -33,9 +33,24 @@ services: source: app_run target: /app/run read_only: false + - type: bind + source: ./certbot/www + target: /var/www/certbot + read_only: true restart: unless-stopped networks: - appnet + certbot: + image: certbot/certbot:latest + volumes: + - type: bind + source: ./certbot/www + target: /var/www/certbot + read_only: false + - type: bind + source: ./certbot/conf + target: /etc/letsencrypt + read_only: false volumes: app_run: driver: local