From 35591057861c7f916568c576d4718641989a612a 2023-12-04 15:11:11 From: RhodeCode Admin Date: 2023-12-04 15:11:11 Subject: [PATCH] fix(ssl): show properly how to enable mounts for custom traefik ssl --- diff --git a/docker-compose-router.yaml b/docker-compose-router.yaml index 8133e6f..2c0c524 100644 --- a/docker-compose-router.yaml +++ b/docker-compose-router.yaml @@ -30,8 +30,8 @@ services: volumes: # So that Traefik can listen to the Docker events - /var/run/docker.sock:/var/run/docker.sock - - ./config/traefik:/etc/traefik - - ./config/traefik/dynamic:/etc/traefik_dynamic + - $PWD/config/traefik:/etc/traefik + - $PWD/config/traefik/dynamic:/etc/traefik_dynamic deploy: placement: constraints: diff --git a/docker-compose-services.yaml b/docker-compose-services.yaml index f3bd41d..4b05d84 100644 --- a/docker-compose-services.yaml +++ b/docker-compose-services.yaml @@ -98,8 +98,8 @@ services: # - channelstream volumes: - - ./config/nginx/nginx_statics.conf:/etc/nginx/nginx.conf:ro - - ./.custom/static_files:/var/opt/rhodecode_static_data + - $PWD/config/nginx/nginx_statics.conf:/etc/nginx/nginx.conf:ro + - $PWD/.custom/static_files:/var/opt/rhodecode_static_data - rc_datavolume:/var/opt/rhodecode_data logging: @@ -130,8 +130,8 @@ services: - ${RC_ENV_FILE:?must-specify-rc-env-file} volumes: - - ./config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro - - ./config/nginx/error_pages:/etc/nginx/error_pages + - $PWD/config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro + - $PWD/config/nginx/error_pages:/etc/nginx/error_pages - rc_datavolume:/var/opt/rhodecode_data @@ -215,8 +215,7 @@ services: interval: 60s volumes: - - ./config/redis/redis.conf:/etc/redis/redis.conf:ro - + - $PWD/config/redis/redis.conf:/etc/redis/redis.conf:ro - redis_data:/data profiles: @@ -290,7 +289,7 @@ services: # - "127.0.0.1::3306" volumes: - - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro + - $PWD/config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro # save the mysql_data volume - $PWD/mysql_dir:/var/lib/mysql diff --git a/docs/source/configuration/ssl-certificates.rst b/docs/source/configuration/ssl-certificates.rst index f8ef748..902ffd7 100644 --- a/docs/source/configuration/ssl-certificates.rst +++ b/docs/source/configuration/ssl-certificates.rst @@ -14,13 +14,34 @@ Please see detailed documentation about traefik SSL support here: https://doc.traefik.io/traefik/https/tls/ +Enable custom traefik config +++++++++++++++++++++++++++++ + +By default the shared :file:`.custom/traefik_custom/` directory is not mount into traefik. We need to enable this first, +before enabling any of the below SSL certificates. + +In the file :file:`.custom/docker-compose-router.override.yaml` uncomment the two binds that would override defaults +and allow custom code from the `.custom` directory + + +.. code-block:: yaml + + traefik: + + volumes: + # ... other items here ... + + # THESE TWO NEEDS TO BE UNCOMMENTED + - $PWD/.custom/traefik_custom:/etc/traefik:ro + - $PWD/.custom/traefik_custom/dynamic:/etc/traefik_dynamic:ro + + Enable file based certificates ++++++++++++++++++++++++++++++ File based certificates (including self-signed) should be places inside this :file:`.custom/traefik_custom/dynamic/certs` We recommend using standard names for the .crt file (rhodecode-ssl.crt) and .key file (rhodecode-ssl.key). - e.g. .. code-block:: bash