diff --git a/.env_sample b/.env_sample index 26c9337bd..b3f62d157 100644 --- a/.env_sample +++ b/.env_sample @@ -16,8 +16,8 @@ MAX_EXECUTION_TIME_LIMIT=600 # time limit for the default queue (in seconds) DOMAIN_NAME=localhost:80 # SSL style domain definition +TLS_EMAIL=your@email.com # DOMAIN_NAME=example.com:443 -# TLS_EMAIL=your@email.com RABBITMQ_HOST=rabbit RABBITMQ_DEFAULT_USER=rabbit-username diff --git a/Caddyfile b/Caddyfile index 49d03f690..8b31649fb 100644 --- a/Caddyfile +++ b/Caddyfile @@ -1,29 +1,35 @@ {$DOMAIN_NAME} { - # HTTPS options: + # HTTPS Options tls {$TLS_EMAIL} + # Test HTTPS setup # tls {$TLS_EMAIL} { # ca https://acme-staging-v02.api.letsencrypt.org/directory # } + # Removing some headers for improved security: - header / -Server + header -Server # Serves static files, should be the same as `STATIC_ROOT` setting: - root /var/www/django - - # Serving dynamic requests: - proxy / django:8000 { - except /static /media - transparent - websocket + root * /var/www/django + file_server + + @noStatic { + not path /static/* + not path /media/* } + + # Serving dynamic requests: + reverse_proxy @noStatic django:8000 # Allows to use `.gz` files when available: - gzip + encode gzip # Logs: - log stdout - errors stdout + log { + output stdout + format console + } } diff --git a/docker-compose.yml b/docker-compose.yml index 08e7a5c84..c984f964a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,14 +4,15 @@ services: # Web Services #----------------------------------------------- caddy: - image: abiosoft/caddy:1.0.3 + image: caddy:2.7.6 env_file: .env environment: - ACME_AGREE=true volumes: - - ./Caddyfile:/etc/Caddyfile + - ./Caddyfile:/etc/caddy/Caddyfile - ./src/staticfiles:/var/www/django/static - - ./certs/caddy:/etc/caddycerts + - ./caddy_data:/data + - ./caddy_config:/config restart: unless-stopped ports: - 80:80 @@ -231,4 +232,4 @@ services: logging: options: max-size: "20k" - max-file: "10" \ No newline at end of file + max-file: "10"