mirror of https://gitgud.io/fatchan/jschan.git
some TODO's still: - make the jschan dockerfile not just COPY everything, make it have better stages and caching - maybe run gulp in the CMD instead of in the build only? - bring all the jschan files into another volume - custom nginx container (self-signed ssl, geoip database) - passwords for db/redis. should be easy with the official dockers, just a few env vars not an exhaustive listmerge-requests/341/head
parent
4c1a38c960
commit
cce0bc661d
6 changed files with 150 additions and 1 deletions
@ -0,0 +1,37 @@ |
||||
version: "3.5" |
||||
services: |
||||
|
||||
redis: |
||||
image: redis:alpine |
||||
|
||||
mongodb: |
||||
image: mongo:latest |
||||
|
||||
nginx: |
||||
image: nginx:stable |
||||
volumes: |
||||
- ./docker/nginx.conf:/etc/nginx/conf.d/jschan.conf |
||||
- ./configs/nginx/snippets/:/etc/nginx/snippets/ |
||||
- ./docker/jschan_clearnet_routes.conf/:/etc/nginx/snippets/jschan_clearnet_routes.conf |
||||
ports: |
||||
- "8080:81" |
||||
depends_on: |
||||
- jschan |
||||
|
||||
jschan: |
||||
build: |
||||
context: . |
||||
dockerfile: ./docker/jschan-Dockerfile |
||||
network: jschan_default |
||||
volumes: |
||||
- ./docker/secrets.js:/opt/configs/secrets.js |
||||
environment: |
||||
- NODE_ENV=development |
||||
- JSCHAN_IP=0.0.0.0 |
||||
depends_on: |
||||
- redis |
||||
- mongodb |
||||
|
||||
networks: |
||||
default: |
||||
name: jschan_default |
@ -0,0 +1,16 @@ |
||||
FROM node:16 |
||||
|
||||
WORKDIR /opt |
||||
ENV NODE_ENV development |
||||
|
||||
COPY . /opt/ |
||||
COPY ./docker/secrets.js /opt/configs/secrets.js |
||||
|
||||
RUN npm install |
||||
RUN npm run-script setup |
||||
RUN gulp reset |
||||
RUN gulp |
||||
|
||||
EXPOSE 7000 |
||||
|
||||
CMD [ "pm2-runtime", "start", "ecosystem.config.js" ] |
@ -0,0 +1,40 @@ |
||||
location / { |
||||
proxy_buffering off; |
||||
proxy_pass http://chan$request_uri; |
||||
proxy_http_version 1.1; |
||||
|
||||
proxy_set_header Host $host; |
||||
proxy_set_header Upgrade $http_upgrade; |
||||
proxy_set_header Connection 'upgrade'; |
||||
proxy_cache_bypass $http_upgrade; |
||||
|
||||
proxy_set_header X-Forwarded-Proto https; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Country-Code 'XX'; |
||||
} |
||||
|
||||
location @backend { |
||||
proxy_buffering off; |
||||
proxy_pass http://chan$request_uri; |
||||
proxy_http_version 1.1; |
||||
proxy_set_header X-Forwarded-Proto https; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Country-Code 'XX'; |
||||
proxy_set_header Connection ''; |
||||
proxy_set_header Host $host; |
||||
} |
||||
|
||||
location @backend-private { |
||||
include /etc/nginx/snippets/security_headers_nocache.conf; |
||||
proxy_buffering off; |
||||
proxy_pass http://chan$request_uri; |
||||
proxy_http_version 1.1; |
||||
proxy_set_header X-Forwarded-Proto https; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Country-Code 'XX'; |
||||
proxy_set_header Connection ''; |
||||
proxy_set_header Host $host; |
||||
} |
@ -0,0 +1,16 @@ |
||||
upstream chan { |
||||
server jschan:7000; |
||||
} |
||||
|
||||
server { |
||||
server_name _; |
||||
client_max_body_size 0; |
||||
|
||||
listen 81; |
||||
listen [::]:81; |
||||
|
||||
include /etc/nginx/snippets/security_headers.conf; |
||||
include /etc/nginx/snippets/error_pages.conf; |
||||
include /etc/nginx/snippets/jschan_clearnet_routes.conf; |
||||
include /etc/nginx/snippets/jschan_common_routes.conf; |
||||
} |
@ -0,0 +1,40 @@ |
||||
module.exports = { |
||||
|
||||
//mongodb connection string
|
||||
dbURL: 'mongodb://mongodb:27017', |
||||
|
||||
//database name
|
||||
dbName: 'jschan', |
||||
|
||||
//redis connection info
|
||||
redis: { |
||||
host: 'redis', |
||||
port: '6379', |
||||
password: '' |
||||
}, |
||||
|
||||
//backend webserver port
|
||||
port: 7000, |
||||
|
||||
//secrets/salts for various things
|
||||
cookieSecret: 'changeme', |
||||
tripcodeSecret: 'changeme', |
||||
ipHashSecret: 'changeme', |
||||
postPasswordSecret: 'changeme', |
||||
|
||||
//keys for google recaptcha
|
||||
google: { |
||||
siteKey: 'changeme', |
||||
secretKey: 'changeme' |
||||
}, |
||||
|
||||
//keys for hcaptcha
|
||||
hcaptcha: { |
||||
siteKey: '10000000-ffff-ffff-ffff-000000000001', |
||||
secretKey: '0x0000000000000000000000000000000000000000' |
||||
}, |
||||
|
||||
//enable debug logging
|
||||
debugLogs: true, |
||||
|
||||
}; |
Loading…
Reference in new issue