db root localhost only

This commit is contained in:
finn 2024-08-06 16:27:32 +00:00
parent cd61c513c7
commit d1d64b181a
5 changed files with 57 additions and 14 deletions

View File

@ -16,6 +16,7 @@ services:
networks: networks:
- backnet - backnet
environment: environment:
- MARIADB_ROOT_HOST=localhost
- MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD} - MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD}
expose: expose:
- 3306 - 3306
@ -30,7 +31,7 @@ services:
#tty: true #tty: true
restart: always restart: always
# Comment following line to use flask (1worker, dev), uncomment to use uwsgi (wsgi) # Comment following line to use flask (1worker, dev), uncomment to use uwsgi (wsgi)
#command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "microblog:app"] command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "microblog:app"]
container_name: backend container_name: backend
environment: environment:
- MYSQL_USER=flasku - MYSQL_USER=flasku
@ -94,9 +95,9 @@ services:
proxy: proxy:
build: proxy build: proxy
restart: always restart: always
#volumes: volumes:
# - /home/finn/d/cert/var/lib/letsencrypt:/var/lib/letsencrypt:ro - /home/finn/d/cert/var/lib/letsencrypt:/var/lib/letsencrypt:ro
# - /home/finn/d/cert/etc/letsencrypt:/etc/letsencrypt:ro - /home/finn/d/cert/etc/letsencrypt:/etc/letsencrypt:ro
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443

View File

@ -16,6 +16,7 @@ services:
networks: networks:
- backnet - backnet
environment: environment:
- MARIADB_ROOT_HOST=localhost
- MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD} - MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD}
expose: expose:
- 3306 - 3306

View File

@ -16,6 +16,7 @@ services:
networks: networks:
- backnet - backnet
environment: environment:
- MARIADB_ROOT_HOST=localhost
- MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD} - MARIADB_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD}
expose: expose:
- 3306 - 3306

View File

@ -1,12 +1,52 @@
#server {
# listen 80;
# server_name localhost;
# location / {
# proxy_pass http://backend:8000;
# }
# always redirect to https
server { server {
listen 80; listen 80 default_server;
server_name localhost; server_name _;
location / { return 301 https://$host$request_uri;
proxy_pass http://backend:8000;
}
location /gutty{
proxy_pass http://gitea:3000;
}
} }
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name oily.dad www.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
proxy_pass http://backend:8000/;
}
}
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name gut.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
client_max_body_size 512M;
#proxy_pass http://localhost:3000;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitea:3000/;
}
}