Update config

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
This commit is contained in:
Bensuperpc 2023-11-25 17:34:59 +01:00
parent 1babc4f57b
commit 418724258e
3 changed files with 57 additions and 28 deletions

View File

@ -15,15 +15,9 @@ If you have any **questions** or **suggestions**, feel free to open an issue or
- [x] caddy 2 reverse proxy
- [x] Docker / docker-compose
- [x] ~~Letsencrypt / Certbot~~ (Caddy)
- [x] Caddy
- [x] Wordpress (Via FASTCGI/caddy)
- [x] PHPMyAdmin (MariaDB)
- [ ] Qbittorrent
- [ ] Jellyfin
- [ ] Gitea
- [ ] Mastodon
- [ ] Minecraft server (Hyperworld v2)
- [ ] SSL for all subdomains / Services (Not just the main domain)
- [x] Adminer (MariaDB)
## Screenshots
@ -53,19 +47,30 @@ cd infrastructure
### Get the SSL certificate
For all **bensuperpc.org**, you need to replace it with your domain, example: **bensuperpc.com**
For all **bensuperpc.org**, you need to replace it with your domain, example: **mydomain.com**
```sh
find . \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i 's/bensuperpc.org/bensuperpc.com/g'
find . \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i 's/bensuperpc.org/mydomain.com/g'
```
Check if all bensuperpc.* are replaced by your domain in [Caddyfile](caddy/wordpress/Caddyfile)
And then, caddy will generate the certificate for you and renew it automatically :D (It's easier than certbot and nginx)
### Configure the infrastructure
You must create a folder named `env` with the following content:
file named `.env` with the following content:
File named `wordpress.env` with the following content:
```sh
WORDPRESS_DB_USER=bensuperpc
WORDPRESS_DB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
WORDPRESS_DB_NAME=wordpress
WORDPRESS_DB_HOST=database:3306
```
Another file `mariadb.env`
```sh
MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
@ -74,6 +79,15 @@ MARIADB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
MARIADB_DATABASE=wordpress
```
Another file `adminer.env`
```sh
MYSQL_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
MYSQL_USER=bensuperpc
MYSQL_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
ADMINER_DEFAULT_SERVER=database
```
### Wordpress website
For the Wordpress website, you can configure in GUI when you go to the website.

View File

@ -1,6 +1,4 @@
www.bensuperpc.org {
# push
root * /var/www/html
php_fastcgi wordpress:9000
@ -30,5 +28,13 @@ bensuperpc.org {
}
adminer.bensuperpc.org {
reverse_proxy adminer:7777
reverse_proxy adminer:8080
}
bensuperpc.com {
redir https://www.bensuperpc.org{uri} permanent
}
www.bensuperpc.com {
redir https://www.bensuperpc.org{uri} permanent
}

View File

@ -1,14 +1,14 @@
version: '3.7'
# https://minhcung.me/how-to-start-wordpress-with-caddy-using-docker-compose-3d31bb9ef88b
version: '3.9'
services:
# Database
database:
image: mariadb:latest
container_name: database
profiles:
- database
restart: on-failure
volumes:
- database:/var/lib/mysql:rw
restart: always
env_file:
- env/mariadb.env
environment:
@ -16,15 +16,18 @@ services:
command: '--default-authentication-plugin=mysql_native_password'
networks:
- blog-network
security_opt:
- no-new-privileges:true
# Wordpress
wordpress:
depends_on:
- database
image: wordpress:fpm
container_name: wordpress
profiles:
- wordpress
restart: always
restart: on-failure
depends_on:
- database
env_file:
- env/wordpress.env
volumes:
@ -32,18 +35,19 @@ services:
- wordpress:/var/www/html:rw
networks:
- blog-network
security_opt:
- no-new-privileges:true
# Webserver
caddy:
image: caddy:alpine
container_name: webserver
profiles:
- webserver
restart: always
restart: on-failure
ports:
- 80:80/tcp
- 80:80/udp
- 443:443/tcp
- 443:443/udp
- 80:80
- 443:443
volumes:
- wordpress:/var/www/html:rw
- caddy_data:/data:rw
@ -51,26 +55,31 @@ services:
- ./caddy:/etc/caddy:ro
networks:
- blog-network
security_opt:
- no-new-privileges:true
# Adminer
adminer:
image: adminer:latest
container_name: adminer
profiles:
- adminer
restart: always
restart: on-failure
env_file:
- env/adminer.env
depends_on:
- database
networks:
- blog-network
# security_opt:
# - no-new-privileges:true
security_opt:
- no-new-privileges:true
# - seccomp:unconfined
# - apparmor:unconfined
# cap_drop:
# - ALL
# cap_add:
# - CHOWN
networks:
blog-network:
driver: bridge