Skip to content
This repository has been archived by the owner on May 20, 2022. It is now read-only.

Commit

Permalink
Browse files Browse the repository at this point in the history
simplify reverse proxy (#98)
make use of mainline nginx image, switch ssl/non-ssl config file based on presence of cert/key, hardcode app port since it is hardcoded in the app container as well
  • Loading branch information
nikosch86 authored and xcompass committed Feb 26, 2017
1 parent 142b766 commit f7c78e6
Show file tree
Hide file tree
Showing 7 changed files with 15 additions and 48 deletions.
18 changes: 2 additions & 16 deletions README.md
Expand Up @@ -23,14 +23,7 @@ make sure to set the appropriate values for `MM_USERNAME`, `MM_PASSWORD` and `MM

### Install with SSL certificate

1. Open docker-compose.yml and set `MATTERMOST_ENABLE_SSL` to true.

```
environment:
- MATTERMOST_ENABLE_SSL=true
```

2. Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
1. Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
no password as `./volumes/web/cert/key-no-password.pem`. If you don't have
them you may generate a self-signed SSL certificate.

Expand All @@ -42,14 +35,7 @@ make sure to set the appropriate values for `MM_USERNAME`, `MM_PASSWORD` and `MM

### Install without SSL certificate

1. Open docker-compose.yml and set `MATTERMOST_ENABLE_SSL` to false.

```
environment:
- MATTERMOST_ENABLE_SSL=false
```

2. Build and run mattermost
1. Build and run mattermost

docker-compose up -d

Expand Down
3 changes: 0 additions & 3 deletions docker-compose-v1.yml
Expand Up @@ -42,6 +42,3 @@ web:
# This directory must have cert files
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
environment:
- MATTERMOST_ENABLE_SSL=false
- PLATFORM_PORT_80_TCP_PORT=80
3 changes: 0 additions & 3 deletions docker-compose.yml
Expand Up @@ -45,8 +45,5 @@ services:
# This directory must have cert files
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
environment:
- MATTERMOST_ENABLE_SSL=false
- PLATFORM_PORT_80_TCP_PORT=80
depends_on:
- app
23 changes: 5 additions & 18 deletions web/Dockerfile
@@ -1,22 +1,9 @@
FROM ubuntu:14.04
FROM nginx:mainline

RUN apt-get update && apt-get install -y nginx

RUN rm /etc/nginx/sites-enabled/default

COPY mattermost /etc/nginx/sites-available/
COPY mattermost-ssl /etc/nginx/sites-available/
ADD docker-entry.sh /
RUN rm /etc/nginx/conf.d/default.conf
COPY ./mattermost /etc/nginx/sites-available/
COPY ./mattermost-ssl /etc/nginx/sites-available/

COPY docker-entry.sh /
RUN chmod +x /docker-entry.sh

# You can see the logs using `docker-compose logs web`.
RUN ln -sf /dev/stdout /var/log/nginx/access.log
RUN ln -sf /dev/stderr /var/log/nginx/error.log

# Define working directory.
WORKDIR /etc/nginx

ENTRYPOINT /docker-entry.sh

EXPOSE 80 443
12 changes: 6 additions & 6 deletions web/docker-entry.sh
@@ -1,9 +1,9 @@
#!/bin/bash
echo Starting Nginx
sed -Ei "s/APP_PORT/$PLATFORM_PORT_80_TCP_PORT/" /etc/nginx/sites-available/mattermost
sed -Ei "s/APP_PORT/$PLATFORM_PORT_80_TCP_PORT/" /etc/nginx/sites-available/mattermost-ssl
if [ "$MATTERMOST_ENABLE_SSL" = true ]; then
ssl="-ssl"
if [ -f "/cert/cert.pem" -a -f "/cert/key-no-password.pem" ]; then
echo "found certificate and key, linking ssl config"
ssl="-ssl"
else
echo "linking plain config"
fi
ln -s /etc/nginx/sites-available/mattermost$ssl /etc/nginx/sites-enabled/mattermost
ln -s /etc/nginx/sites-available/mattermost$ssl /etc/nginx/conf.d/mattermost.conf
nginx -g 'daemon off;'
2 changes: 1 addition & 1 deletion web/mattermost
Expand Up @@ -17,6 +17,6 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://app:APP_PORT;
proxy_pass http://app:80;
}
}
2 changes: 1 addition & 1 deletion web/mattermost-ssl
Expand Up @@ -32,7 +32,7 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://app:APP_PORT;
proxy_pass http://app:80;
}
}

Expand Down

0 comments on commit f7c78e6

Please sign in to comment.