kokorolx · September 20, 2024 16:30
diff --git a/readme.md b/readme.md
diff --git a/blog.thnkandgrow.com.conf b/blog.thnkandgrow.com.conf
 # /etc/nginx/site-enables/blog.thnkandgrow.com.conf

 server {
   # current config
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
       # ...other config
 }
diff --git a/deploy.yml b/deploy.yml
 service: demo

 # Name of the container image.
 image: kokorolee/demo

 servers:
  web:
    hosts:
      - meeaws_deployer
    labels:
      traefik.enable: true
      traefik.http.routers.demo.rule: Host(`shareopus.thnkandgrow.com`)
      traefik.http.routers.demo.entrypoints: websecure
      traefik.http.routers.demo.tls.certresolver: myresolver
    options:
      network: "traefik_network"

 accessories:
  db:
    image: postgres:16.0
    host: meeaws_deployer
    env:
      clear:
        POSTGRES_USER: "demo"
        POSTGRES_DB: 'demo'
      secret:
        - POSTGRES_PASSWORD
        - POSTGRES_USER
    files:
      - config/deploy/init.sql:/docker-entrypoint-initdb.d/setup.sql
    directories:
      - data:/var/lib/postgresql/data
    options:
      network: "traefik_network"

 # Credentials for your image host.
 registry:
  username: kokorolee

  # Always use an access token rather than real password when possible.
  password:
    - KAMAL_REGISTRY_PASSWORD

 # Inject ENV variables into containers (secrets come from .env).
 # Remember to run `kamal env push` after making changes!
 env:
  secret:
    - RAILS_MASTER_KEY
    - POSTGRES_PASSWORD
    - DB_HOST
    - POSTGRES_USER
    - PORT

 # Use a different ssh user than root
 ssh:
  user: deployer

 # Configure custom arguments for Traefik. Be sure to reboot traefik when you modify it.
 traefik:
  image: traefik:v3.1
  options:
    volume:
      - "./.docker-data/traefik/letsencrypt:/letsencrypt"
    publish:
      - "443:443"
      - "8080:8080"
    network: "traefik_network"
  args:
    # api.insecure: true
    providers.docker: true
    providers.docker.exposedbydefault: false
    entrypoints.web.address: ':80'
    entryPoints.websecure.address: ':443'
    certificatesresolvers.myresolver.acme.tlschallenge: true
    certificatesresolvers.myresolver.acme.httpchallenge: true
    certificatesresolvers.myresolver.acme.httpchallenge.entrypoint: 'web'
    certificatesresolvers.myresolver.acme.email: '[email protected]'
    certificatesresolvers.myresolver.acme.storage: '/letsencrypt/acme.json'
 # Configure a custom healthcheck (default is /up on port 3000)
 healthcheck:
  path: /up
  port: 5000
diff --git a/docker-compose.yml b/docker-compose.yml
 version: "3.3"

 services:
  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    volumes:
      - /home/deployer/.docker-data/nginx/nginx.conf:/etc/nginx/nginx.conf                    # Nginx main config
      - /home/deployer/.docker-data/nginx/sites-available:/etc/nginx/sites-available          # Site configs for multiple domains
      - /home/deployer/.docker-data/nginx/sites-enabled:/etc/nginx/sites-enabled              # Symlinks for enabled sites
      - /home/deployer/.docker-data/nginx/snippets:/etc/nginx/snippets                        # PHP configs and snippets
      - /home/deployer/.docker-data/nginx/fastcgi.conf:/etc/nginx/fastcgi.conf
      - /var/www:/var/www                                       # Your web files
      - /var/run/php/php7.4-fpm.sock:/var/run/php/php7.4-fpm.sock          # PHP socket on the host
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nginx.rule=Host(`meandyou.space`) || HostRegexp(`^.+.meandyou.space$`) || HostRegexp(`^.+.thnkandgrow.com$`)"
      - "traefik.http.routers.nginx.entrypoints=websecure"
      - "traefik.http.routers.nginx.tls.certresolver=myresolver"
      - "traefik.http.services.nginx.loadbalancer.server.port=80"
      - "traefik.http.routers.nginx.priority=1"
    networks:
      - traefik_network

 networks:
  traefik_network:
    external: true
diff --git a/wp-config.php b/wp-config.php
 # /var/www/blog.thnkandgrow.com/wp-config.php
 # add this line
 if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
	# /etc/nginx/site-enables/blog.thnkandgrow.com.conf

	server {
	# current config
	location / {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	# ...other config
	}
	service: demo

	# Name of the container image.
	image: kokorolee/demo

	servers:
	web:
	hosts:
	- meeaws_deployer
	labels:
	traefik.enable: true
	traefik.http.routers.demo.rule: Host(`shareopus.thnkandgrow.com`)
	traefik.http.routers.demo.entrypoints: websecure
	traefik.http.routers.demo.tls.certresolver: myresolver
	options:
	network: "traefik_network"

	accessories:
	db:
	image: postgres:16.0
	host: meeaws_deployer
	env:
	clear:
	POSTGRES_USER: "demo"
	POSTGRES_DB: 'demo'
	secret:
	- POSTGRES_PASSWORD
	- POSTGRES_USER
	files:
	- config/deploy/init.sql:/docker-entrypoint-initdb.d/setup.sql
	directories:
	- data:/var/lib/postgresql/data
	options:
	network: "traefik_network"

	# Credentials for your image host.
	registry:
	username: kokorolee

	# Always use an access token rather than real password when possible.
	password:
	- KAMAL_REGISTRY_PASSWORD

	# Inject ENV variables into containers (secrets come from .env).
	# Remember to run `kamal env push` after making changes!
	env:
	secret:
	- RAILS_MASTER_KEY
	- POSTGRES_PASSWORD
	- DB_HOST
	- POSTGRES_USER
	- PORT

	# Use a different ssh user than root
	ssh:
	user: deployer

	# Configure custom arguments for Traefik. Be sure to reboot traefik when you modify it.
	traefik:
	image: traefik:v3.1
	options:
	volume:
	- "./.docker-data/traefik/letsencrypt:/letsencrypt"
	publish:
	- "443:443"
	- "8080:8080"
	network: "traefik_network"
	args:
	# api.insecure: true
	providers.docker: true
	providers.docker.exposedbydefault: false
	entrypoints.web.address: ':80'
	entryPoints.websecure.address: ':443'
	certificatesresolvers.myresolver.acme.tlschallenge: true
	certificatesresolvers.myresolver.acme.httpchallenge: true
	certificatesresolvers.myresolver.acme.httpchallenge.entrypoint: 'web'
	certificatesresolvers.myresolver.acme.email: '[email protected]'
	certificatesresolvers.myresolver.acme.storage: '/letsencrypt/acme.json'
	# Configure a custom healthcheck (default is /up on port 3000)
	healthcheck:
	path: /up
	port: 5000
	version: "3.3"

	services:
	nginx:
	image: nginx:latest
	container_name: nginx
	restart: unless-stopped
	volumes:
	- /home/deployer/.docker-data/nginx/nginx.conf:/etc/nginx/nginx.conf # Nginx main config
	- /home/deployer/.docker-data/nginx/sites-available:/etc/nginx/sites-available # Site configs for multiple domains
	- /home/deployer/.docker-data/nginx/sites-enabled:/etc/nginx/sites-enabled # Symlinks for enabled sites
	- /home/deployer/.docker-data/nginx/snippets:/etc/nginx/snippets # PHP configs and snippets
	- /home/deployer/.docker-data/nginx/fastcgi.conf:/etc/nginx/fastcgi.conf
	- /var/www:/var/www # Your web files
	- /var/run/php/php7.4-fpm.sock:/var/run/php/php7.4-fpm.sock # PHP socket on the host
	labels:
	- "traefik.enable=true"
	- "traefik.http.routers.nginx.rule=Host(`meandyou.space`) \|\| HostRegexp(`^.+.meandyou.space$`) \|\| HostRegexp(`^.+.thnkandgrow.com$`)"
	- "traefik.http.routers.nginx.entrypoints=websecure"
	- "traefik.http.routers.nginx.tls.certresolver=myresolver"
	- "traefik.http.services.nginx.loadbalancer.server.port=80"
	- "traefik.http.routers.nginx.priority=1"
	networks:
	- traefik_network

	networks:
	traefik_network:
	external: true
	# /var/www/blog.thnkandgrow.com/wp-config.php
	# add this line
	if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';