You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: deployment/docker-compose.md
+30-11Lines changed: 30 additions & 11 deletions
Original file line number
Diff line number
Diff line change
@@ -21,10 +21,10 @@ This will provision an Ubuntu server with the latest versions of Docker and Dock
21
21
22
22
For test purposes, cheapest plans will be enough, even though you might want at least 2GB of RAM to execute Docker Compose for the first time. For real production usage, you'll probably want to pick a plan in the "general purpose" section that will fit your needs.
23
23
24
-
24
+
25
25
26
-
You can keep the defaults for other settings or tweak them according to your needs.
27
-
Don't forget to add your SSH key or to create a password, then press the "Finalize and create" button.
26
+
You can keep the defaults for other settings, or tweak them according to your needs.
27
+
Don't forget to add your SSH key or to create a password then press the "Finalize and create" button.
28
28
29
29
Then, wait a few seconds while your Droplet is provisioning.
30
30
When your Droplet is ready, use SSH to connect:
@@ -35,9 +35,8 @@ ssh root@<droplet-ip>
35
35
36
36
## Configuring a Domain Name
37
37
38
-
In most cases, you'll want to associate a domain name with your website.
38
+
In most cases, you'll want to associate a domain name to your website.
39
39
If you don't own a domain name yet, you'll have to buy one through a registrar.
40
-
Use [this affiliate link](https://gandi.link/f/93650337) to redeem a 20% discount at Gandi.net.
41
40
42
41
Then create a DNS record of type `A` for your domain name pointing to the IP address of your server.
43
42
@@ -47,10 +46,6 @@ Example:
47
46
your-domain-name.example.com. IN A 207.154.233.113
48
47
````
49
48
50
-
Example in Gandi's UI:
51
-
52
-
53
-
54
49
Note: Let's Encrypt, the service used by default by API Platform to automatically generate a TLS certificate, doesn't support using bare IP addresses.
55
50
Using a domain name is mandatory to use Let's Encrypt.
56
51
@@ -72,17 +67,41 @@ Go into the directory containing your project (`<project-name>`), and start the
docker compose -f docker-compose.yml -f docker-compose.prod.yml up --wait
77
72
```
78
73
79
-
Be sure to replace `your-domain-name.example.com`with your actual domain name and to set the values of `APP_SECRET`, `CADDY_MERCURE_JWT_SECRET` to cryptographically secure random values.
74
+
Be sure to replace `your-domain-name.example.com`by your actual domain name and to set the values of `APP_SECRET`, `CADDY_MERCURE_JWT_SECRET` to cryptographically secure random values.
80
75
81
76
Your server is up and running, and a Let's Encrypt HTTPS certificate has been automatically generated for you.
82
77
Go to `https://your-domain-name.example.com` and enjoy!
83
78
79
+
## Disabling HTTPS
80
+
81
+
Alternatively, if you don't want to expose an HTTPS server but only an HTTP one, run the following command:
docker compose -f docker-compose.yml -f docker-compose.prod.yml up --wait
88
+
```
89
+
84
90
## Deploying on Multiple Nodes
85
91
86
92
If you want to deploy your app on a cluster of machines, we recommend using [Kubernetes](kubernetes.md).
87
93
You can use [Docker Swarm](https://docs.docker.com/engine/swarm/stack-deploy/),
88
94
which is compatible with the provided Compose files.
95
+
96
+
## Configuring a Load Balancer or a Reverse Proxy
97
+
98
+
Since Caddy 2.5, XFF values of incoming requests will be ignored to prevent spoofing.
99
+
So if Caddy is not the first server being connected to by your clients (for example when a CDN is in front of Caddy), you may configure `trusted_proxies` with a list of IP ranges (CIDRs) from which incoming requests are trusted to have sent good values for these headers.
100
+
As a shortcut, `private_ranges` may be configured to trust all private IP ranges.
0 commit comments