From 62217ba18e0a910dccb2509c4b92fcf542049614 Mon Sep 17 00:00:00 2001 From: topilski Date: Thu, 6 Jun 2019 14:39:53 -0400 Subject: [PATCH] Docker compose --- Dockerfile | 1 + app/config/config.py | 4 +-- docker-compose.yml | 27 ++++++++++++++++ nginx/fastogt.com | 74 -------------------------------------------- nginx/nginx.conf | 23 ++++++++++++++ 5 files changed, 53 insertions(+), 76 deletions(-) create mode 100644 docker-compose.yml delete mode 100644 nginx/fastogt.com create mode 100644 nginx/nginx.conf diff --git a/Dockerfile b/Dockerfile index 801a6ab..7221136 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,7 @@ LABEL maintainer="FastoGT Maintainers " COPY . /app WORKDIR /app + RUN pip install -r requirements.txt EXPOSE 8080 diff --git a/app/config/config.py b/app/config/config.py index d83f741..ee09320 100644 --- a/app/config/config.py +++ b/app/config/config.py @@ -1,5 +1,5 @@ MONGO_DBNAME = 'iptv' -MONGO_URI = 'mongodb://localhost:27017/' + MONGO_DBNAME +MONGO_URI = 'mongodb://mongodb:27017/' + MONGO_DBNAME MONGODB_SETTINGS = { 'db': MONGO_DBNAME, @@ -7,7 +7,7 @@ MONGODB_SETTINGS = { } SECRET_KEY = '1d4bb560a7644fa48852a92ce52d6e08' -SERVER_NAME_FOR_POST = '127.0.0.1:8080' +SERVER_NAME_FOR_POST = '0.0.0.0:8080' PREFERRED_URL_SCHEME = 'http' BOOTSTRAP_SERVE_LOCAL = True diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..f35797b --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,27 @@ +version: '2' +services: + mongodb: + image: mongo:latest + container_name: "mongodb" + ports: + - 27017:27017 + iptv_admin: + build: + context: ./ + dockerfile: Dockerfile + image: iptv_admin:1.0.0 + container_name: iptv_admin + depends_on: + - mongodb + command: ./server.py + ports: + - 8080:8080 + nginx: + image: nginx + container_name: nginx + depends_on: + - iptv_admin + volumes: + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + ports: + - 80:80 diff --git a/nginx/fastogt.com b/nginx/fastogt.com deleted file mode 100644 index d1c690c..0000000 --- a/nginx/fastogt.com +++ /dev/null @@ -1,74 +0,0 @@ -upstream app_http_server { - server 127.0.0.1:8080; -} - -server { - listen 80; - server_name fastogt.com; - access_log /var/log/nginx/fastogt.log; - return 301 https://$server_name$request_uri; -} - -server { - listen 443 ssl; - server_name www.fastogt.com; - return 301 https://fastogt.com$request_uri; - - #ssl_certificate /etc/letsencrypt/live/fastogt.com/fullchain.pem; # managed by Certbot - #ssl_certificate_key /etc/letsencrypt/live/fastogt.com/privkey.pem; # managed by Certbot - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_prefer_server_ciphers on; - ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; - ssl_ecdh_curve secp384r1; - ssl_session_cache shared:SSL:10m; - ssl_session_tickets off; - ssl_stapling on; - ssl_stapling_verify on; -} - -server { - server_name fastogt.com; - access_log /var/log/nginx/fastogt.log; - - listen 443 ssl; - #ssl_certificate /etc/letsencrypt/live/fastogt.com/fullchain.pem; # managed by Certbot - #ssl_certificate_key /etc/letsencrypt/live/fastogt.com/privkey.pem; # managed by Certbot - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_prefer_server_ciphers on; - ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; - ssl_ecdh_curve secp384r1; - ssl_session_cache shared:SSL:10m; - ssl_session_tickets off; - ssl_stapling on; - ssl_stapling_verify on; - resolver 8.8.8.8 8.8.4.4 valid=300s; - resolver_timeout 5s; - # Disable preloading HSTS for now. You can use the commented out header line that includes - # the "preload" directive if you understand the implications. - # add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; - add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - - ssl_dhparam /etc/ssl/certs/dhparam.pem; - - location / { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header X-NginX-Proxy true; - - proxy_pass http://app_http_server; - proxy_redirect off; - } -} -# ssl_certificate /etc/nginx/ssl/nginx.crt; -# ssl_certificate_key /etc/nginx/ssl/nginx.key; -# apt-get install python-certbot-nginx -# certbot --nginx -d example.com -d www.example.com -# openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 -# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -# https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04 -# https://stackoverflow.com/questions/48997079/certbot-upgrade diff --git a/nginx/nginx.conf b/nginx/nginx.conf new file mode 100644 index 0000000..7a4020f --- /dev/null +++ b/nginx/nginx.conf @@ -0,0 +1,23 @@ +worker_processes 1; + +events { worker_connections 1024; } + +http { + upstream docker-nginx { + server iptv_admin:8080; + } + + server { + listen 80; + + location / { + proxy_pass http://docker-nginx; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + } + } + +}