negodiy/docker-inventaire
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package reverse proxy in docker-compose

Browse Source
This commit is contained in:
jums
2024-12-25 13:09:48 +01:00
parent 82d94e73da
commit ba42f2e009
3 changed files with 73 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
README.md
View File

@@ -76,57 +76,45 @@ echo "module.exports = {
" > ./inventaire/config/local-production.cjs
```
Set the email server by editing the file `config/local-production.cjs`. For example:
```js
mailer: {
disabled: false,
nodemailer: {
host: 'smtp.an-email-provider.net',
port: 587,
auth: {
user: 'user',
pass: 'password'
},
},
},
```
## Reverse proxy configuration
Inventaire only provides configuration files for Nginx.
Run dependencies:
Generate the first SSL certificate with Let's Encrypt
```sh
sudo mkdir -p /tmp/nginx/tmp /tmp/nginx/resize/img/users /tmp/nginx/resize/img/groups /tmp/nginx/resize/img/entities /tmp/nginx/resize/img/remote /tmp/nginx/resize/img/assets
```
Install nginx and certbot
Copy the nginx configuration template
```sh
PUBLIC_HOSTNAME=$(grep -oP 'PUBLIC_HOSTNAME=\K.*' .env) PROJECT_ROOT=$(grep -oP 'PROJECT_ROOT=\K.*' .env) envsubst < nginx/templates/default.conf.template > nginx/default
sudo mv nginx/default /etc/nginx/sites-available/default
```
Activate the configuration file
```sh
sudo ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf
```
To generate the certificate for your domain as required to make https work, you can use Let's Encrypt:
```sh
sudo systemctl stop nginx
sudo certbot certonly --standalone --post-hook "systemctl restart nginx"
sudo systemctl restart nginx
```
When certbot is done, you may uncomment lines starting with `# ssl_certificate` and `# ssl_certificate_key` in `/etc/nginx/sites-available/default.conf` and restart nginx.
Certbot should have installed a cron to automatically renew your certificate.
Since nginx template supports webroot renewal, we suggest you to update the renewal config file to use the webroot authenticator:
```sh
# Replace authenticator = standalone by authenticator = webroot
# Add webroot_path = /var/www/certbot
sudo vim /etc/letsencrypt/renewal/your-domain.com.conf
docker run -it --rm --name certbot -p 80:80 -v "$(pwd)/certbot/conf:/etc/letsencrypt" certbot/certbot certonly --standalone
```
## Usage
Start CouchDB, Elasticsearch, and the Inventaire [server](https://github.com/inventaire/inventaire) in production mode
Start CouchDB, Elasticsearch, Nginx and the Inventaire [server](https://github.com/inventaire/inventaire) in production mode
```sh
docker-compose up
```
Go to the sign up page (`https://DOMAIN_NAME/signup`) and create a user
Make the newly created user an admin (replace `your_username` in the command below by the user username) :
```sh
docker exec $(docker ps -f name=_inventaire --format "{{.ID}}") npm run db-actions:update-user-role-from-username your_username add admin
```
## Tips
General tips on how to run Inventaire can be found in the [server repository docs](https://github.com/inventaire/inventaire/tree/main/docs). Here after are some additional Docker-specific tips.
@@ -196,3 +184,6 @@ See also [Elasticsearch with Docker](https://www.elastic.co/guide/en/elasticsear
CouchDB may warn constantly that `_users` database does not exist, [as documented](https://docs.couchdb.org/en/latest/setup/single-node.html), you can create de database with:
`curl -X PUT http://127.0.0.1:5984/_users`
`docker exec $(docker ps -f name=couchdb --format "{{.ID}}") curl -H 'Content-Type:application/json' -H 'Accept: application/json' -XPUT "http://couchdb:password@localhost:5984/_users"`