Add documenation for Docker + Apache + Subfolder
This commit is contained in:
adjokic
GitHub
parent
bb52f8902d
commit
d6d806791d
@ -59,6 +59,155 @@ I used two paths `<sub path>` and `<www path>` for simplicity. In my case I have
|
||||
|
||||
I left out the TLS config in this example for simplicity.
|
||||
|
||||
## Docker + Apache + Sub-Path
|
||||
|
||||
The following could prove to be useful if you are not using Traefik, but instead run Apache as your reverse proxy to route all calls for a shared (sub)domain to a sub path, e.g. https://mydomain.tld/tandoor
|
||||
|
||||
As a side note, I am using [Blocky](https://0xerr0r.github.io/blocky/) + [Consul](https://hub.docker.com/r/hashicorp/consul) + [Registrator](https://hub.docker.com/r/gliderlabs/registrator) as a DNS solution.
|
||||
|
||||
The relevant Apache config:
|
||||
```
|
||||
<Location /tandoor>
|
||||
# in case you want to restrict access to specific IP addresses:
|
||||
Require local
|
||||
Require forward-dns [myhomedomain.useyourdomain.com]
|
||||
Require ip [anylocalorremoteipyouwanttowhitelist]
|
||||
|
||||
# The following assumes that tandoor.service.consul.local resolves to the IP address of the Docker container.
|
||||
ProxyPass http://tandoor.service.consul.local:8080/tandoor
|
||||
ProxyPassReverse http://tandoor.service.consul.local:8080/tandoor
|
||||
RequestHeader add X-Script-Name /tandoor
|
||||
RequestHeader set X-Forwarded-Proto "https"
|
||||
ProxyPreserveHost On
|
||||
</Location>
|
||||
<Location /tandoor/static>
|
||||
Require local
|
||||
Require forward-dns [myhomedomain.useyourdomain.com]
|
||||
Require ip [anylocalorremoteipyouwanttowhitelist]
|
||||
|
||||
ProxyPass http://tandoor.service.consul.local:8080/tandoor/tandoor/static
|
||||
ProxyPassReverse http://tandoor.service.consul.local:8080/tandoor/static
|
||||
RequestHeader add X-Script-Name /tandoor
|
||||
RequestHeader set X-Forwarded-Proto "https"
|
||||
ProxyPreserveHost On
|
||||
</Location>
|
||||
```
|
||||
and the relevant section from the docker-compose.yml:
|
||||
```
|
||||
tandoor:
|
||||
restart: always
|
||||
container_name: tandoor
|
||||
image: vabene1111/recipes
|
||||
environment:
|
||||
- SCRIPT_NAME=/tandoor
|
||||
- JS_REVERSE_SCRIPT_PREFIX=/tandoor
|
||||
- STATIC_URL=/tandoor/static/
|
||||
- MEDIA_URL=/tandoor/media/
|
||||
- GUNICORN_MEDIA=0
|
||||
- SECRET_KEY=${YOUR_TANDOOR_SECRET_KEY}
|
||||
- POSTGRES_HOST=postgres.service.consul.local
|
||||
- POSTGRES_PORT=${POSTGRES_PORT}
|
||||
- POSTGRES_USER=${YOUR_TANDOOR_POSTGRES_USER}
|
||||
- POSTGRES_PASSWORD=${YOUR_TANDOOR_POSTGRES_PASSWORD}
|
||||
- POSTGRES_DB=${YOUR_TANDOOR_POSTGRES_DB}
|
||||
labels:
|
||||
# The following is relevant only if you are using Registrator and Consul
|
||||
- "SERVICE_NAME=tandoor"
|
||||
volumes:
|
||||
- ${YOUR_DOCKER_VOLUME_BASE_DIR}/tandoor/static:/opt/recipes/staticfiles:rw
|
||||
# Do not make this a bind mount, see https://docs.tandoor.dev/install/docker/#volumes- vs-bind-mounts
|
||||
- tandoor_nginx_config:/opt/recipes/nginx/conf.d
|
||||
- ${YOUR_DOCKER_VOLUME_BASE_DIR}}/tandoor/media:/opt/recipes/mediafiles:rw
|
||||
depends_on:
|
||||
# You will have to set up postgres accordingly
|
||||
- postgres
|
||||
```
|
||||
|
||||
The relevant docker-compose.yml for Registrator, Consul, and Blocky, and Autoheal:
|
||||
```
|
||||
consul:
|
||||
image: hashicorp/consul
|
||||
container_name: consul
|
||||
command: >
|
||||
agent -server
|
||||
-domain consul.local
|
||||
-advertise=${YOUR_DOCKER_HOST_IP_ON_THE_LAN}
|
||||
-client=0.0.0.0
|
||||
-encrypt=${SOME_SECRET_KEY}
|
||||
-datacenter=${YOUR_DC_NAME}
|
||||
-bootstrap-expect=1
|
||||
-ui
|
||||
-log-level=info
|
||||
environment:
|
||||
- "CONSUL_LOCAL_CONFIG={\"skip_leave_on_interrupt\": true, \"dns_config\": { \"service_ttl\": { \"*\": \"0s\" } } }"
|
||||
network_mode: "host"
|
||||
restart: always
|
||||
|
||||
registrator:
|
||||
image: gliderlabs/registrator:latest
|
||||
container_name: registrator
|
||||
extra_hosts:
|
||||
- "host.docker.internal:host-gateway"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||
command: >
|
||||
-internal
|
||||
-cleanup=true
|
||||
-deregister="always"
|
||||
-resync=60
|
||||
consul://host.docker.internal:8500
|
||||
restart: always
|
||||
|
||||
blocky:
|
||||
image: spx01/blocky
|
||||
container_name: blocky
|
||||
restart: unless-stopped
|
||||
healthcheck:
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
start_period: 1m
|
||||
labels:
|
||||
# The following is only relevant if you use autoheal
|
||||
autoheal: true
|
||||
# Optional the instance hostname for logging purpose
|
||||
hostname: blocky
|
||||
extra_hosts:
|
||||
- "host.docker.internal:host-gateway"
|
||||
ports:
|
||||
- "1153:53/tcp"
|
||||
- "1153:53/udp"
|
||||
- 4000:4000
|
||||
environment:
|
||||
- TZ=YOUR_TIMEZONE # Optional to synchronize the log timestamp with host
|
||||
volumes:
|
||||
# Optional to synchronize the log timestamp with host
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
# config file
|
||||
- ${YOUR_DOCKER_VOLUME_BASE_DIR}/blocky/config.yml:/app/config.yml
|
||||
networks:
|
||||
# in case you want to bind Blocky to an IP address
|
||||
your-docker-network-name:
|
||||
ipv4_address: 'some-ip-address-in-the-docker-network-subnet'
|
||||
|
||||
autoheal:
|
||||
image: willfarrell/autoheal
|
||||
volumes:
|
||||
- '/var/run/docker.sock:/var/run/docker.sock'
|
||||
environment:
|
||||
- AUTOHEAL_CONTAINER_LABEL=autoheal
|
||||
restart: always
|
||||
container_name: autoheal
|
||||
|
||||
```
|
||||
as well as a snippet of the Blocky configuration:
|
||||
```
|
||||
conditional:
|
||||
fallbackUpstream: false
|
||||
mapping:
|
||||
consul.local: tcp+udp:host.docker.internal:8600
|
||||
```
|
||||
|
||||
|
||||
## WSL
|
||||
|
||||
If you want to install Tandoor on the Windows Subsystem for Linux you can find a detailed post here: <https://github.com/TandoorRecipes/recipes/issues/1733>.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user