feat: added certbot so that we get https certs automatically on server (

#122) * feat: added certbot so that we get https certs automatically on server * feat: added readme heading
balzack · Oct 29, 2024 · 51b8b9e · 51b8b9e
1 parent b49b22e
commit 51b8b9e
Show file tree

Hide file tree

Showing 3 changed files with 76 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -56,10 +56,24 @@ The app is available on fdroid as well as the google and apple stores. You can t
 
 To use databag, you will need a DNS name pointing to your node with a certificate. You can deploy a node manually, but you will have a much easier time using a container service. Containers for arm64 and amd64 are available [here](https://hub.docker.com/r/balzack/databag/tags). 
 
-### Docker Compose Command
+### Docker Compose 
 
-From the net/container sub directory:
-  - sudo docker-compose -f compose.yaml -p databag up
+Launch with dockerhub container using docker compose:
+
+#### Standard launch
+```shell
+# From the net/container sub directory:
+docker-compose -f compose.yaml -p databag up
+```
+
+#### Launch with certbot https certificate
+```shell
+# FIRST: create a DNS entry in your DNS to point your desired subdomain to your host
+# SECOND: edit the net/container/docker-compose-swag.yml to include your domain name
+# THIRD: From the root of the project directory:
+mkdir -p ~/appdata
+docker-compose -f net/container/docker-compose-swag.yml -p databag up
+```
 
 ### Example with Portainer and Nginx Proxy Manager
 

diff --git a/net/container/docker-compose-swag.yml b/net/container/docker-compose-swag.yml
@@ -0,0 +1,36 @@
+---
+version: "2.1"
+services:
+  databag:
+    image: balzack/databag:latest
+    container_name: databag
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/London
+    ports:
+      - "7000:7000"
+    volumes:
+      - $HOME/appdata/databag:/var/lib/databag
+    restart: unless-stopped
+  swag:
+    image: lscr.io/linuxserver/swag
+    container_name: databag-ssl-proxy
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/London
+      - URL=YOURDOMAIN.COM
+      - SUBDOMAINS=databag,
+      - VALIDATION=http
+      - ONLY_SUBDOMAINS=true
+      - STAGING=false #optional
+    volumes:
+      - $HOME/appdata/swag:/config
+      - $PWD/net/container/ssl-proxy.conf:/config/nginx/proxy-confs/databag.subdomain.conf
+    ports:
+      - 443:443
+      - 80:80
+    restart: unless-stopped
diff --git a/net/container/ssl-proxy.conf b/net/container/ssl-proxy.conf
@@ -0,0 +1,23 @@
+# make sure that your dns has a cname set for databag
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name databag.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        resolver 127.0.0.11 valid=30s;
+        set $upstream_app databag;
+        set $upstream_port 7000;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}