set defaults for caddyfile
This commit is contained in:
Karol Wypchlo
parent
dec8e2305e
commit
143ef617fe
|
|
@ -1,30 +1,36 @@
|
|||
(custom.domain) {
|
||||
{$DOMAIN_NAME} {
|
||||
tls {$EMAIL_ADDRESS}
|
||||
reverse_proxy nginx:80
|
||||
}
|
||||
}
|
||||
# Make sure you have DOMAIN_NAME specified in .env file ie. siasky.net, you need it to fetch correct certificates.
|
||||
# DOMAIN_NAME_ALIAS is optional, in case you run multiple servers under the same domain like we do for siasky.net
|
||||
# then you might want to use it for something server specific that would let you connect to this specific server
|
||||
# and disregard load balancer, ie. germany.siasky.net
|
||||
|
||||
(siasky.net) {
|
||||
siasky.net, *.siasky.net, *.hns.siasky.net {
|
||||
tls {
|
||||
dns route53 {
|
||||
max_retries 50
|
||||
}
|
||||
{$DOMAIN_NAME}, *.{$DOMAIN_NAME}, *.hns.{$DOMAIN_NAME}, {$DOMAIN_NAME_ALIAS}, *.{$DOMAIN_NAME_ALIAS}, *.hns.{$DOMAIN_NAME_ALIAS} {
|
||||
# If you want to use basic http-01 (basic, good for one server setup) certificate challenge
|
||||
# then uncomment the line below and make sure you have EMAIL_ADDRESS specified in .env file
|
||||
# and comment the tls block that contains the dns challenge configuration.
|
||||
|
||||
# tls {$EMAIL_ADDRESS}
|
||||
|
||||
tls {
|
||||
# We are using route53 as our dns provider and it requires additional AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
|
||||
# environment variables in .env file. You can use other providers by using specific package from
|
||||
# https://github.com/caddy-dns in the docker/caddy/Dockerfile in place our the route53 one.
|
||||
|
||||
dns route53 {
|
||||
max_retries 50
|
||||
}
|
||||
reverse_proxy nginx:80
|
||||
}
|
||||
|
||||
reverse_proxy nginx:80
|
||||
}
|
||||
|
||||
(localhost) {
|
||||
:443 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
reverse_proxy nginx:80
|
||||
}
|
||||
}
|
||||
# This block below is optional if you want to generate internal certificate for the server ip address.
|
||||
# It is useful in case you have services trying to reach the server through ip and not domain like health checks.
|
||||
# It will generate internal certificate so browsers will warn you when connecting but that not a problem.
|
||||
|
||||
import localhost
|
||||
# import custom.domain
|
||||
# import siasky.net
|
||||
:443 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
|
||||
reverse_proxy nginx:80
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,8 +48,8 @@ You a can now ssh into your machine as the user `user`.
|
|||
**Following step will be executed on remote host logged in as a `user`:**
|
||||
|
||||
1. `sudo apt-get install git -y` to install git
|
||||
1. `git clone https://github.com/NebulousLabs/skynet-webportal`
|
||||
1. `cd skynet-webportal`
|
||||
1. `git clone https://github.com/SkynetLabs/skynet-webportal`
|
||||
1. `cd skynet-webportal`
|
||||
1. run setup scripts in the exact order and provide sudo password when asked (if one of them fails, you can retry just this one before proceeding further)
|
||||
1. `/home/user/skynet-webportal/setup-scripts/setup-server.sh`
|
||||
1. `/home/user/skynet-webportal/setup-scripts/setup-docker-services.sh`
|
||||
|
|
@ -81,7 +81,9 @@ At this point we have almost everything running, we just need to set up your wal
|
|||
### Step 4: configuring docker services
|
||||
|
||||
1. edit `/home/user/skynet-webportal/.env` and configure following environment variables
|
||||
|
||||
- `DOMAIN_NAME` (optional) is your domain name if you have it
|
||||
- `DOMAIN_NAME_ALIAS` (optional) alias to your domain name if you have, set to domain name if not used
|
||||
- `EMAIL_ADDRESS` (required) is your email address used for communication regarding SSL certification (required)
|
||||
- `SIA_WALLET_PASSWORD` (required) is your wallet password (or seed if you did not set a password)
|
||||
- `HSD_API_KEY` (optional) this is a random security key for a handshake integration that gets generated automatically
|
||||
|
|
@ -101,7 +103,10 @@ At this point we have almost everything running, we just need to set up your wal
|
|||
with path to the location in the bucket where we want to store the daily backups.
|
||||
|
||||
1. if you have a custom domain and you configured it in `DOMAIN_NAME`, edit `/home/user/skynet-webportal/docker/caddy/Caddyfile` and uncomment `import custom.domain`
|
||||
1. only for siasky.net domain instances: edit `/home/user/skynet-webportal/docker/caddy/Caddyfile`, uncomment `import siasky.net`
|
||||
1. edit `/home/user/skynet-webportal/docker/caddy/Caddyfile`:
|
||||
|
||||
- if you are not running our uncomment `import siasky.net`
|
||||
|
||||
1. `docker-compose up -d` to restart the services so they pick up new env variables
|
||||
1. `docker exec caddy caddy reload --config /etc/caddy/Caddyfile` to reload Caddyfile configuration
|
||||
1. add your custom Kratos configuration to `/home/user/skynet-webportal/docker/kratos/config/kratos.yml` (in particular, the credentials for your mail server should be here, rather than in your source control). For a starting point you can take `docker/kratos/config/kratos.yml.sample`.
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ docker-compose --version # sanity check
|
|||
|
||||
# Create dummy .env file for docker-compose usage with variables
|
||||
# * DOMAIN_NAME - the domain name your server is using ie. example.com
|
||||
# * DOMAIN_NAME_ALIAS - the domain name alias you might want to give to this specific server ie. germany.example.com
|
||||
# * SKYNET_PORTAL_API - absolute url to the portal api ie. https://example.com
|
||||
# * SKYNET_DASHBOARD_URL - (optional) absolute url to the portal dashboard ie. https://account.example.com
|
||||
# * EMAIL_ADDRESS - this is the administrator contact email you need to supply for communication regarding SSL certification
|
||||
|
|
@ -43,7 +44,7 @@ docker-compose --version # sanity check
|
|||
# * CR_CLUSTER_NODES - (optional) if using `accounts` the list of servers (with ports) which make up your CockroachDB cluster, e.g. `helsinki.siasky.net:26257,germany.siasky.net:26257,us-east.siasky.net:26257`
|
||||
if ! [ -f /home/user/skynet-webportal/.env ]; then
|
||||
HSD_API_KEY=$(openssl rand -base64 32) # generate safe random key for handshake
|
||||
printf "DOMAIN_NAME=example.com\nSKYNET_PORTAL_API=https://example.com\nSKYNET_DASHBOARD_URL=https://account.example.com\nEMAIL_ADDRESS=email@example.com\nSIA_WALLET_PASSWORD=\nHSD_API_KEY=${HSD_API_KEY}\nCLOUDFLARE_AUTH_TOKEN=\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\nPORTAL_NAME=\nDISCORD_BOT_TOKEN=\n" > /home/user/skynet-webportal/.env
|
||||
printf "DOMAIN_NAME=example.com\nDOMAIN_NAME_ALIAS=example.com\nSKYNET_PORTAL_API=https://example.com\nSKYNET_DASHBOARD_URL=https://account.example.com\nEMAIL_ADDRESS=email@example.com\nSIA_WALLET_PASSWORD=\nHSD_API_KEY=${HSD_API_KEY}\nCLOUDFLARE_AUTH_TOKEN=\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\nPORTAL_NAME=\nDISCORD_BOT_TOKEN=\n" > /home/user/skynet-webportal/.env
|
||||
fi
|
||||
|
||||
# Start docker container with nginx and client
|
||||
|
|
|
|||
Reference in New Issue