Merge pull request #1482 from solid/docker-examples

add all-in-one example docker-compose

Author: angelo-v

docker-image/README.md

@@ -42,6 +42,13 @@ When using nginx to proxy HTTPS connections to Solid you will need to specify HT
 This approach is useful if you do not wish to grant Solid access to your HTTPS certificates, as nginx does not validate
 the self-signed certificates that Solid generates for its proxy_pass connection.
 
+#### All-in one nginx proxy + letsencrypt + solid server 
+
+`./examples/docker-compose.all-in-one.yml`
+
+Run solid-server on port 8443 behind a [nginx proxy](https://hub.docker.com/r/jwilder/nginx-proxy/) on 443, including
+certificate generation via [letsencrypt companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion).
+
 #### Other setups
 
 The setup you need is not presented here? Feel free to ask, or provide a Pull Request

docker-image/examples/docker-compose.all-in-one.yml

@@ -0,0 +1,76 @@
+# This example assumes, that you are not running another application or proxy on ports 80 / 443.
+# It provides an all-in-one solution to start a docker-server together with an nginx proxy and
+# automatic letsencrypt certificate generation and renewal.
+#
+# It is based on https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion/blob/master/docs/Docker-Compose.md
+#
+# Adjust any line that is commented with (!):
+# 1. Change any occurrence of the domain `solid.example` to your actual domain
+# 2. Adjust the `latest` tag to a specific version you want to use.
+
+version: '3.7'
+services:
+  nginx:
+    container_name: nginx
+    image: jwilder/nginx-proxy:latest
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - nginx-conf:/etc/nginx/conf.d
+      - vhostd:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - certs:/etc/nginx/certs:ro
+
+  letsencrypt:
+    container_name: letsencrypt
+    image: jrcs/letsencrypt-nginx-proxy-companion:latest
+    restart: always
+    environment:
+      - "NGINX_PROXY_CONTAINER=nginx"
+    volumes:
+      - nginx-conf:/etc/nginx/conf.d
+      - vhostd:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - certs:/etc/nginx/certs
+
+  server:
+    image: nodesolidserver/node-solid-server:latest # (!) use specific version tag here
+
+    # this ensures automatic container start, when host reboots
+    restart: always
+
+    expose:
+      - 8443
+
+    volumes:
+      # mount local directories to the container
+      # (!) the host directories have to exist and be owned by UID 1000
+      - /opt/solid/data:/opt/solid/data
+      - /opt/solid/.db:/opt/solid/.db
+      - /opt/solid/config:/opt/solid/config
+      - certs:/opt/solid/certs
+
+    environment:
+      # (!) use your actual SOLID_SERVER_URI
+      - "SOLID_SERVER_URI=https://solid.example"
+      # (!) adjust path to the letsencrypt key and cert
+      - "SOLID_SSL_KEY=/opt/solid/certs/solid.example/key.pem"
+      - "SOLID_SSL_CERT=/opt/solid/certs/solid.example/fullchain.pem"
+      # (!) use your actual host name
+      - "VIRTUAL_HOST=solid.example"
+      - "VIRTUAL_PORT=8443"
+      - "VIRTUAL_PROTO=https"
+      # (!) use your actual host name
+      - "LETSENCRYPT_HOST=solid.example"
+      # (!) use your actual email
+      - "LETSENCRYPT_EMAIL=your@mail.example"
+
+volumes:
+  nginx-conf:
+  vhostd:
+  html:
+  certs:

docker-image/examples/docker-compose.nginx.yml

@@ -43,6 +43,7 @@ services:
       - "VIRTUAL_PROTO=https"
       # (!) use your actual host name
       - "LETSENCRYPT_HOST=solid.example"
+      # (!) use your actual email
       - "LETSENCRYPT_EMAIL=your@mail.example"
 volumes:
   # (!) mount certificates from an external volume from your nginx setup