feat: added certbot so that we get https certs automatically on server (#122)

* feat: added certbot so that we get https certs automatically on server * feat: added readme heading
2025-03-13 00:50:03 +00:00 · 2024-10-29 15:10:47 -04:00 · 2024-10-29 15:10:47 -04:00 · 51b8b9efae
commit 51b8b9efae
parent b49b22ed68
3 changed files with 76 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -56,10 +56,24 @@ The app is available on fdroid as well as the google and apple stores. You can t

 To use databag, you will need a DNS name pointing to your node with a certificate. You can deploy a node manually, but you will have a much easier time using a container service. Containers for arm64 and amd64 are available [here](https://hub.docker.com/r/balzack/databag/tags). 

-### Docker Compose Command
+### Docker Compose 

-From the net/container sub directory:
-  - sudo docker-compose -f compose.yaml -p databag up
+Launch with dockerhub container using docker compose:
+
+#### Standard launch
+```shell
+# From the net/container sub directory:
+docker-compose -f compose.yaml -p databag up
+```
+
+#### Launch with certbot https certificate
+```shell
+# FIRST: create a DNS entry in your DNS to point your desired subdomain to your host
+# SECOND: edit the net/container/docker-compose-swag.yml to include your domain name
+# THIRD: From the root of the project directory:
+mkdir -p ~/appdata
+docker-compose -f net/container/docker-compose-swag.yml -p databag up
+```

 ### Example with Portainer and Nginx Proxy Manager

--- a/net/container/docker-compose-swag.yml
+++ b/net/container/docker-compose-swag.yml
@ -0,0 +1,36 @@
+---
+version: "2.1"
+services:
+  databag:
+    image: balzack/databag:latest
+    container_name: databag
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/London
+    ports:
+      - "7000:7000"
+    volumes:
+      - $HOME/appdata/databag:/var/lib/databag
+    restart: unless-stopped
+  swag:
+    image: lscr.io/linuxserver/swag
+    container_name: databag-ssl-proxy
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/London
+      - URL=YOURDOMAIN.COM
+      - SUBDOMAINS=databag,
+      - VALIDATION=http
+      - ONLY_SUBDOMAINS=true
+      - STAGING=false #optional
+    volumes:
+      - $HOME/appdata/swag:/config
+      - $PWD/net/container/ssl-proxy.conf:/config/nginx/proxy-confs/databag.subdomain.conf
+    ports:
+      - 443:443
+      - 80:80
+    restart: unless-stopped
--- a/net/container/ssl-proxy.conf
+++ b/net/container/ssl-proxy.conf
@ -0,0 +1,23 @@
+# make sure that your dns has a cname set for databag
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name databag.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        resolver 127.0.0.11 valid=30s;
+        set $upstream_app databag;
+        set $upstream_port 7000;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}