update Docker and Nginx configuration to support Certbot for SSL certificate management

2025-08-05 23:21:13 +03:00
parent af4d262a15
commit f985d9e827
4 changed files with 24 additions and 2 deletions
--- a/certbot/conf/.gitkeep
+++ b/certbot/conf/.gitkeep
--- a/certbot/www/.gitkeep
+++ b/certbot/www/.gitkeep
--- a/config/nginx/nginx.conf
+++ b/config/nginx/nginx.conf
@ -15,7 +15,10 @@ upstream frontend

 server
 {
-	listen 80; server_name crm.logidex.ru;
+	listen 80;
+
+	server_tokens off;
+	server_name crm.logidex.ru www.crm.logidex.ru;
 	gzip on;
 	gzip_proxied any;
 	gzip_comp_level 4;
@ -64,4 +67,8 @@ server
 		proxy_cache_valid 60m;
 		proxy_pass http://frontend;
 	}
+
+	location /.well-known/acme-challenge/ {
+	    root /var/www/certbot;
+    }
 }
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -17,7 +17,7 @@ services:
      - appnet
    restart: unless-stopped
  nginx:
-    image: nginx:latest
+    image: nginx:alpine-slim
    ports:
      - "80:80"
      - "443:443"
@ -33,9 +33,24 @@ services:
        source: app_run
        target: /app/run
        read_only: false
+      - type: bind
+        source: ./certbot/www
+        target: /var/www/certbot
+        read_only: true
    restart: unless-stopped
    networks:
      - appnet
+  certbot:
+    image: certbot/certbot:latest
+    volumes:
+      - type: bind
+        source: ./certbot/www
+        target: /var/www/certbot
+        read_only: false
+      - type: bind
+        source: ./certbot/conf
+        target: /etc/letsencrypt
+        read_only: false
 volumes:
  app_run:
    driver: local