Remnants/AdministrationItDepartmens
1
0
Fork 0
mirror of https://gitlab.com/MoonTestUse1/AdministrationItDepartmens.git synced 2025-08-14 00:25:46 +02:00
Code Activity

Merge remote changes and resolve conflicts

Browse Source
This commit is contained in:
MoonTestUse1
2024-12-25 02:21:10 +06:00
parent b7a43826ad
commit 79d37e2b0a
2 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docker-compose.yml
View File

@@ -9,9 +9,13 @@ services:
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./docker/nginx/conf.d:/etc/nginx/conf.d:ro
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- webroot:/var/www/html
depends_on:
- backend
@@ -30,5 +34,19 @@ services:
ports:
- "8000:8000"
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- webroot:/var/www/html
depends_on:
- frontend
command: certonly --webroot --webroot-path=/var/www/html --email admin@itformhelp.ru --agree-tos --no-eff-email --staging -d itformhelp.ru -d www.itformhelp.ru
volumes:
sqlite_data:
sqlite_data:
certbot-etc:
certbot-var:
webroot:

32
docker/nginx/conf.d/default.conf
View File

@@ -1,7 +1,39 @@
server {
listen 80;
listen [::]:80;
server_name itformhelp.ru www.itformhelp.ru;
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name itformhelp.ru www.itformhelp.ru;
ssl_certificate /etc/letsencrypt/live/itformhelp.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/itformhelp.ru/privkey.pem;
# SSL configuration
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Modern configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# HSTS (uncomment if you're sure)
# add_header Strict-Transport-Security "max-age=63072000" always;
root /usr/share/nginx/html;
index index.html;