Skip to content

Commit

Permalink
fix dockercompose
Browse files Browse the repository at this point in the history
  • Loading branch information
microstudi committed Jan 2, 2024
1 parent f39989a commit d26eea1
Show file tree
Hide file tree
Showing 3 changed files with 109 additions and 4 deletions.
18 changes: 18 additions & 0 deletions Dockerfile.nginx
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
FROM nginx

RUN apt-get update -qq && apt-get -y install apache2-utils

ENV RAILS_ROOT /app
WORKDIR $RAILS_ROOT

RUN mkdir log

COPY public public/
COPY nginx.conf /tmp/docker.nginx

RUN envsubst '$RAILS_ROOT' < /tmp/docker.nginx > /etc/nginx/conf.d/default.conf

EXPOSE 80
EXPOSE 443

CMD [ "nginx", "-g", "daemon off;" ]
16 changes: 12 additions & 4 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,17 @@
version: '3'
services:
web:
build:
context: .
dockerfile: Dockerfile.nginx
depends_on:
- app
ports:
- 80:80
- 443:443
volumes:
- /home/dockerexec/.local/share/docker/certs/ssl-bundle.pem:/root/ssl/ssl-bundle.pem
- /home/dockerexec/.local/share/docker/certs/privatekeymultidominiogetxo.pem:/root/ssl/privatekeymultidominiogetxo.pem
app:
build: .
volumes:
Expand All @@ -16,7 +28,6 @@ services:
- REDIS_URL=${REDIS_URL:-redis://redis:6379/0}
- WEB_CONCURRENCY=${WEB_CONCURRENCY:-2}
- LOG_LEVEL=${LOG_LEVEL:-info}
- MAPS_PROVIDER=${MAPS_PROVIDER:-here}
- DECIDIM_ENABLE_HTML_HEADER_SNIPPETS=${DECIDIM_ENABLE_HTML_HEADER_SNIPPETS:-true}
- DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS=${DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS:-0}
- CHANGE_ACTIVE_STEP=${CHANGE_ACTIVE_STEP:-enabled}
Expand All @@ -34,8 +45,6 @@ services:
- MAPS_PROVIDER=${MAPS_PROVIDER:-here}
- RACK_ATTACK_SECRET
- CENSUS_URL
ports:
- 3000:3000
depends_on:
- db
- redis
Expand All @@ -55,7 +64,6 @@ services:
- RUN_SIDEKIQ=true
- SIDEKIQ_CONCURRENCY=${SIDEKIQ_CONCURRENCY:-5}
- LOG_LEVEL=${LOG_LEVEL:-info}
- MAPS_PROVIDER=${MAPS_PROVIDER:-here}
- DECIDIM_ENABLE_HTML_HEADER_SNIPPETS=${DECIDIM_ENABLE_HTML_HEADER_SNIPPETS:-true}
- DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS=${DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS:-0}
- CHANGE_ACTIVE_STEP=${CHANGE_ACTIVE_STEP:-enabled}
Expand Down
79 changes: 79 additions & 0 deletions nginx.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
upstream app {
server 'app:3000';
}

server {
server_name _;
listen 80 default_server;
listen [::]:80 ipv6only=on default_server;
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;

ssl_certificate /etc/ssl/ssl-bundle.pem;
ssl_certificate_key /etc/ssl/privatekeymultidominiogetxo.pem;

# ~2 seconds is often enough for most folks to parse HTML/CSS and
# retrieve needed images/icons/frames, connections are cheap in
# nginx so increasing this is generally safe...
keepalive_timeout 5; # path for static files

root /app/public;
access_log /app/log/nginx.access.log;
error_log /app/log/nginx.error.log info;

# this rewrites all the requests to the maintenance.html
# page if it exists in the doc root. This is for capistrano's
# disable web task
if (-f $document_root/maintenance.html) {
rewrite ^(.*)$ /maintenance.html last;
break;
}

location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;

# If the file exists as a static file serve it directly without
# running all the other rewrite tests on it
if (-f $request_filename) {
break;
}

# check for index.html for directory index
# if it's there on the filesystem then rewrite
# the url to add /index.html to the end of it
# and then break to send it to the next config rules.
if (-f $request_filename/index.html) {
rewrite (.*) $1/index.html break;
}

# this is the meat of the rack page caching config
# it adds .html to the end of the url and then checks
# the filesystem for that file. If it exists, then we
# rewrite the url to have explicit .html on the end
# and then send it on its way to the next config rule.
# if there is no file on the fs then it sets all the
# necessary headers and proxies to our upstream pumas
if (-f $request_filename.html) {
rewrite (.*) $1.html break;
}

if (!-f $request_filename) {
proxy_pass http://app;
break;
}
}

# Now this supposedly should work as it gets the filenames with querystrings that Rails provides.
# BUT there's a chance it could break the ajax calls.
location ~* \.(ico|css|gif|jpe?g|png|js)(\?[0-9]+)?$ {
expires max;
break;
}

# Error pages
# error_page 500 502 503 504 /500.html;
location = /500.html {
root /app/current/public;
}
}

0 comments on commit d26eea1

Please sign in to comment.