thumbscrw/matrix-homeserver-docker-compose
1
0
Fork 0
mirror of https://github.com/Thumbscrew/matrix-homeserver-docker-compose.git synced 2025-01-19 01:55:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

add nginx reverse proxy

Browse Source
This commit is contained in:
James 2022-01-29 00:48:09 +00:00
parent e658d71853
commit 4f1dbe2b07
5 changed files with 62 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.env.example
View File

@ -1,11 +1,17 @@
# synapse # synapse
SYNAPSE_IMAGE_TAG=latest SYNAPSE_IMAGE_TAG=latest
SERVER_NAME=localhost SERVER_NAME=localhost
HTTP_PORT=8008
CONFIG_DIR=/data CONFIG_DIR=/data
CONFIG_FILE_NAME=homeserver.yaml CONFIG_FILE_NAME=homeserver.yaml
UID=991 UID=991
GID=991 GID=991
TZ=UTC TZ=UTC
# postgres
POSTGRESQL_IMAGE_TAG=14 POSTGRESQL_IMAGE_TAG=14
# nginx
HTTPS_PORT=443
FEDERATION_HTTPS_PORT=8448
SSL_CERT_PATH=/etc/ssl/certs/ssl-cert-snakeoil.pem
SSL_KEY_PATH=/etc/ssl/private/ssl-cert-snakeoil.key

22
docker-compose.yaml
View File

@ -25,13 +25,31 @@ services:
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- synapse-data:${CONFIG_DIR} - synapse-data:${CONFIG_DIR}
ports:
- 8008:8008
environment: environment:
SYNAPSE_CONFIG_DIR: ${CONFIG_DIR} SYNAPSE_CONFIG_DIR: ${CONFIG_DIR}
SYNAPSE_CONFIG_PATH: ${CONFIG_DIR}/${CONFIG_FILE_NAME} SYNAPSE_CONFIG_PATH: ${CONFIG_DIR}/${CONFIG_FILE_NAME}
UID: ${UID} UID: ${UID}
GID: ${GID} GID: ${GID}
TZ: ${TZ} TZ: ${TZ}
ports:
- ${HTTP_PORT}:8008
depends_on: depends_on:
- postgres - postgres
nginx:
build: nginx
restart: unless-stopped
ports:
- 443:443
- 8448:8448
volumes:
- ${SSL_CERT_PATH}:${SSL_CERT_PATH}
- ${SSL_KEY_PATH}:${SSL_KEY_PATH}
environment:
SERVER_NAME: ${SERVER_NAME}
HTTPS_PORT: ${HTTPS_PORT}
FEDERATION_HTTPS_PORT: ${FEDERATION_HTTPS_PORT}
SSL_CERT_PATH: ${SSL_CERT_PATH}
SSL_KEY_PATH: ${SSL_KEY_PATH}
depends_on:
- synapse

9
nginx/Dockerfile Normal file
View File

@ -0,0 +1,9 @@
FROM nginx:latest
COPY default.conf /tmp/nginx/default.conf
COPY docker-entrypoint.sh /tmp/docker-entrypoint.sh
RUN chmod 755 /tmp/docker-entrypoint.sh
ENTRYPOINT [ "/tmp/docker-entrypoint.sh" ]
CMD ["nginx", "-g", "daemon off;"]

19
nginx/default.conf Normal file
View File

@ -0,0 +1,19 @@
server {
listen ${HTTPS_PORT} ssl http2;
# For the federation port
listen ${FEDERATION_HTTPS_PORT} ssl http2 default_server;
server_name ${SERVER_NAME};
ssl_certificate ${SSL_CERT_PATH};
ssl_certificate_key ${SSL_KEY_PATH};
location ~ ^(/_matrix|/_synapse/client) {
proxy_pass http://synapse:8008;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 50M;
}
}

6
nginx/docker-entrypoint.sh Normal file
View File

@ -0,0 +1,6 @@
#!/usr/bin/env sh
set -eu
envsubst '${SERVER_NAME} ${HTTPS_PORT} ${FEDERATION_HTTPS_PORT} ${SSL_CERT_PATH} ${SSL_KEY_PATH}' < /tmp/nginx/default.conf > /etc/nginx/conf.d/default.conf
exec "$@"