mirror of
https://github.com/azaion/admin.git
synced 2026-04-22 21:46:33 +00:00
Alex Bezdieniezhnykh
94 lines
2.7 KiB
Bash
94 lines
2.7 KiB
Bash
#!/bin/sh
|
|
|
|
apt install -y docker.io apache2-utils certbot python3-certbot-nginx nginx
|
|
docker run -d -p 5000:5000 --name registry --restart always registry:latest
|
|
|
|
# create user for docker auth
|
|
cd /etc/nginx
|
|
mkdir auth
|
|
cd auth
|
|
htpasswd -c .htpasswd zxsanny
|
|
chmod 640 .htpasswd
|
|
chown root:www-data .htpasswd
|
|
|
|
# create certs
|
|
certbot --nginx -d api.mywebsite.com
|
|
certbot --nginx -d docker.mywebsite.com
|
|
|
|
cd /etc/nginx/sites-available
|
|
tee -a docker.azaion.com << END
|
|
server {
|
|
listen 443 ssl;
|
|
server_name docker.azaion.com;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/docker.azaion.com/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/docker.azaion.com/privkey.pem;
|
|
client_max_body_size 200M;
|
|
|
|
location / {
|
|
auth_basic "Registry";
|
|
auth_basic_user_file /etc/nginx/auth/.htpasswd;
|
|
proxy_pass http://localhost:5000;
|
|
proxy_set_header Host \$host;
|
|
proxy_set_header X-Real-IP \$remote_addr;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_set_header X-Forwarded-Port 443;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name docker.azaion.com;
|
|
client_max_body_size 200M;
|
|
|
|
location / {
|
|
auth_basic "Registry";
|
|
auth_basic_user_file /etc/nginx/auth/.htpasswd;
|
|
proxy_pass http://localhost:5000;
|
|
proxy_set_header Host \$host;
|
|
proxy_set_header X-Real-IP \$remote_addr;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_set_header X-Forwarded-Port 443;
|
|
}
|
|
}
|
|
END
|
|
ln -s /etc/nginx/sites-available/docker.azaion.com /etc/nginx/sites-enabled/
|
|
|
|
tee -a api.azaion.com << END
|
|
server {
|
|
listen 443 ssl;
|
|
server_name api.azaion.com;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/api.azaion.com/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/api.azaion.com/privkey.pem;
|
|
|
|
location / {
|
|
proxy_pass http://localhost:4000; # API service running on port 4000
|
|
proxy_set_header Host \$host;
|
|
proxy_set_header X-Real-IP \$remote_addr;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_set_header X-Forwarded-Port 443;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name api.azaion.com;
|
|
|
|
# Redirect all HTTP requests to HTTPS
|
|
return 301 https://\$host\$request_uri;
|
|
}
|
|
END
|
|
ln -s /etc/nginx/sites-available/api.azaion.com /etc/nginx/sites-enabled/
|
|
|
|
rm ../sites-enabled/default
|
|
nginx -t #check syntax
|
|
systemctl restart nginx
|
|
|
|
|
|
# and then from the other machine
|
|
docker login docker.azaion.com
|
|
# Enter Username zxsanny and pass which was set here htpasswd -c .htpasswd zxsanny |