addedssl-https forward
This commit is contained in:
parent
1e7ad4ce61
commit
72cfee5612
|
|
@ -5,14 +5,13 @@ services:
|
|||
image: mariadb:10.11
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
# --- CHANGE THESE SECRETS ---
|
||||
# --- REPLACE THESE SECRETS ---
|
||||
MYSQL_ROOT_PASSWORD: your_very_strong_root_password
|
||||
MYSQL_DATABASE: filerun
|
||||
MYSQL_USER: filerun
|
||||
MYSQL_PASSWORD: your_very_strong_filerun_password
|
||||
# ----------------------------
|
||||
volumes:
|
||||
# Maps the 'db_data' folder on your host machine to the MariaDB data directory.
|
||||
- ./db_data:/var/lib/mysql
|
||||
networks:
|
||||
- internal
|
||||
|
|
@ -26,15 +25,13 @@ services:
|
|||
FR_DB_PORT: 3306
|
||||
FR_DB_NAME: filerun
|
||||
FR_DB_USER: filerun
|
||||
# --- CHANGE THIS SECRET ---
|
||||
# --- REPLACE THIS SECRET ---
|
||||
FR_DB_PASS: your_very_strong_filerun_password
|
||||
# --------------------------
|
||||
APACHE_RUN_USER: www-data
|
||||
APACHE_RUN_GROUP: www-data
|
||||
volumes:
|
||||
# Maps the 'filerun_html' folder on your host machine for the application files.
|
||||
- ./filerun_html:/var/www/html
|
||||
# Maps the 'user_data' folder on your host machine for actual user files.
|
||||
- ./user_data:/user-files
|
||||
networks:
|
||||
- internal
|
||||
|
|
@ -44,21 +41,26 @@ services:
|
|||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
# HTTP → HTTPS redirect
|
||||
# --- CRITICAL: FILE-RUN HTTPS MIDDLEWARE ---
|
||||
# This middleware is vital for FileRun to correctly detect HTTPS when behind Traefik.
|
||||
- "traefik.http.middlewares.filerun-headers.headers.customresponseheaders.X-Forwarded-Proto=https"
|
||||
|
||||
# --- HTTP (Port 80) Router: Redirect to HTTPS ---
|
||||
- "traefik.http.routers.filerun-http.entrypoints=web"
|
||||
- "traefik.http.routers.filerun-http.rule=Host(`filerun.rozic-dev.com`)"
|
||||
- "traefik.http.routers.filerun-http.middlewares=redirect-to-https"
|
||||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||||
- "traefik.http.routers.filerun-http.middlewares=redirect-to-https@docker" # Assumes a global Traefik redirect middleware
|
||||
|
||||
# HTTPS router
|
||||
# --- HTTPS (Port 443) Router ---
|
||||
- "traefik.http.routers.filerun-https.entrypoints=websecure"
|
||||
- "traefik.http.routers.filerun-https.rule=Host(`filerun.rozic-dev.com`)"
|
||||
- "traefik.http.routers.filerun-https.tls=true"
|
||||
- "traefik.http.routers.filerun-https.tls.certresolver=letsencrypt"
|
||||
- "traefik.http.routers.filerun-https.middlewares=filerun-headers@docker" # Apply the X-Forwarded-Proto header
|
||||
- "traefik.http.routers.filerun-https.priority=100" # Optional: higher priority
|
||||
|
||||
# Service definition
|
||||
# --- Service Definition ---
|
||||
- "traefik.http.services.filerun.loadbalancer.server.port=80"
|
||||
# IMPORTANT: Since Traefik is handling traffic, DO NOT include a 'ports' section here.
|
||||
|
||||
networks:
|
||||
internal:
|
||||
|
|
|
|||
Loading…
Reference in a new issue