1
0
mirror of https://github.com/ArcticFoxes-net/Signal-TLS-Proxy synced 2024-11-13 15:41:33 -05:00
Signal-TLS-Proxy/docker-compose.yml

50 lines
1.2 KiB
YAML
Raw Normal View History

2021-01-28 13:34:53 -05:00
version: '3'
services:
nginx-terminate:
image: nginx:alpine
2021-01-28 13:34:53 -05:00
restart: unless-stopped
volumes:
- ./data/nginx-terminate/nginx.conf:/etc/nginx/nginx.conf:Z
- ./data/certbot/conf:/etc/letsencrypt:Z
- ./data/certbot/www:/var/www/certbot:Z
read_only: true
2021-01-28 13:34:53 -05:00
ports:
- "443:443"
2022-09-22 15:40:24 -04:00
- "80:80"
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- CAP_NET_BIND_SERVICE
- CHOWN
tmpfs:
- /var/run:size=50M,mode=0770,noexec,nosuid,nodev
2021-01-28 13:34:53 -05:00
nginx-relay:
image: nginx:alpine
2021-01-28 13:34:53 -05:00
restart: unless-stopped
volumes:
- ./data/nginx-relay/nginx.conf:/etc/nginx/nginx.conf:Z
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
tmpfs:
- /var/run:size=50M,mode=0770,noexec,nosuid,nodev
2021-01-28 13:34:53 -05:00
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt:Z
- ./data/certbot/www:/var/www/certbot:Z
ports:
- "80:80"
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- CAP_NET_BIND_SERVICE