Update config

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
This commit is contained in:
Bensuperpc 2023-11-25 17:34:59 +01:00
parent 1babc4f57b
commit 418724258e
3 changed files with 57 additions and 28 deletions

View File

@ -15,15 +15,9 @@ If you have any **questions** or **suggestions**, feel free to open an issue or
- [x] caddy 2 reverse proxy - [x] caddy 2 reverse proxy
- [x] Docker / docker-compose - [x] Docker / docker-compose
- [x] ~~Letsencrypt / Certbot~~ (Caddy) - [x] Caddy
- [x] Wordpress (Via FASTCGI/caddy) - [x] Wordpress (Via FASTCGI/caddy)
- [x] PHPMyAdmin (MariaDB) - [x] Adminer (MariaDB)
- [ ] Qbittorrent
- [ ] Jellyfin
- [ ] Gitea
- [ ] Mastodon
- [ ] Minecraft server (Hyperworld v2)
- [ ] SSL for all subdomains / Services (Not just the main domain)
## Screenshots ## Screenshots
@ -53,19 +47,30 @@ cd infrastructure
### Get the SSL certificate ### Get the SSL certificate
For all **bensuperpc.org**, you need to replace it with your domain, example: **bensuperpc.com** For all **bensuperpc.org**, you need to replace it with your domain, example: **mydomain.com**
```sh ```sh
find . \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i 's/bensuperpc.org/bensuperpc.com/g' find . \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i 's/bensuperpc.org/mydomain.com/g'
``` ```
Check if all bensuperpc.* are replaced by your domain in [Caddyfile](caddy/wordpress/Caddyfile)
And then, caddy will generate the certificate for you and renew it automatically :D (It's easier than certbot and nginx) And then, caddy will generate the certificate for you and renew it automatically :D (It's easier than certbot and nginx)
### Configure the infrastructure ### Configure the infrastructure
You must create a folder named `env` with the following content: You must create a folder named `env` with the following content:
file named `.env` with the following content: File named `wordpress.env` with the following content:
```sh
WORDPRESS_DB_USER=bensuperpc
WORDPRESS_DB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
WORDPRESS_DB_NAME=wordpress
WORDPRESS_DB_HOST=database:3306
```
Another file `mariadb.env`
```sh ```sh
MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
@ -74,6 +79,15 @@ MARIADB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
MARIADB_DATABASE=wordpress MARIADB_DATABASE=wordpress
``` ```
Another file `adminer.env`
```sh
MYSQL_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
MYSQL_USER=bensuperpc
MYSQL_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
ADMINER_DEFAULT_SERVER=database
```
### Wordpress website ### Wordpress website
For the Wordpress website, you can configure in GUI when you go to the website. For the Wordpress website, you can configure in GUI when you go to the website.

View File

@ -1,6 +1,4 @@
www.bensuperpc.org { www.bensuperpc.org {
# push
root * /var/www/html root * /var/www/html
php_fastcgi wordpress:9000 php_fastcgi wordpress:9000
@ -30,5 +28,13 @@ bensuperpc.org {
} }
adminer.bensuperpc.org { adminer.bensuperpc.org {
reverse_proxy adminer:7777 reverse_proxy adminer:8080
}
bensuperpc.com {
redir https://www.bensuperpc.org{uri} permanent
}
www.bensuperpc.com {
redir https://www.bensuperpc.org{uri} permanent
} }

View File

@ -1,14 +1,14 @@
version: '3.7' version: '3.9'
# https://minhcung.me/how-to-start-wordpress-with-caddy-using-docker-compose-3d31bb9ef88b
services: services:
# Database
database: database:
image: mariadb:latest image: mariadb:latest
container_name: database container_name: database
profiles: profiles:
- database - database
restart: on-failure
volumes: volumes:
- database:/var/lib/mysql:rw - database:/var/lib/mysql:rw
restart: always
env_file: env_file:
- env/mariadb.env - env/mariadb.env
environment: environment:
@ -16,15 +16,18 @@ services:
command: '--default-authentication-plugin=mysql_native_password' command: '--default-authentication-plugin=mysql_native_password'
networks: networks:
- blog-network - blog-network
security_opt:
- no-new-privileges:true
# Wordpress # Wordpress
wordpress: wordpress:
depends_on:
- database
image: wordpress:fpm image: wordpress:fpm
container_name: wordpress container_name: wordpress
profiles: profiles:
- wordpress - wordpress
restart: always restart: on-failure
depends_on:
- database
env_file: env_file:
- env/wordpress.env - env/wordpress.env
volumes: volumes:
@ -32,18 +35,19 @@ services:
- wordpress:/var/www/html:rw - wordpress:/var/www/html:rw
networks: networks:
- blog-network - blog-network
security_opt:
- no-new-privileges:true
# Webserver # Webserver
caddy: caddy:
image: caddy:alpine image: caddy:alpine
container_name: webserver container_name: webserver
profiles: profiles:
- webserver - webserver
restart: always restart: on-failure
ports: ports:
- 80:80/tcp - 80:80
- 80:80/udp - 443:443
- 443:443/tcp
- 443:443/udp
volumes: volumes:
- wordpress:/var/www/html:rw - wordpress:/var/www/html:rw
- caddy_data:/data:rw - caddy_data:/data:rw
@ -51,26 +55,31 @@ services:
- ./caddy:/etc/caddy:ro - ./caddy:/etc/caddy:ro
networks: networks:
- blog-network - blog-network
security_opt:
- no-new-privileges:true
# Adminer
adminer: adminer:
image: adminer:latest image: adminer:latest
container_name: adminer container_name: adminer
profiles: profiles:
- adminer - adminer
restart: always restart: on-failure
env_file: env_file:
- env/adminer.env - env/adminer.env
depends_on: depends_on:
- database - database
networks: networks:
- blog-network - blog-network
# security_opt: security_opt:
# - no-new-privileges:true - no-new-privileges:true
# - seccomp:unconfined # - seccomp:unconfined
# - apparmor:unconfined # - apparmor:unconfined
# cap_drop: # cap_drop:
# - ALL # - ALL
# cap_add: # cap_add:
# - CHOWN # - CHOWN
networks: networks:
blog-network: blog-network:
driver: bridge driver: bridge