Closed rodber closed 1 year ago
What I did:
Forked the v4-docker-production repo and pulled into a private repo Pulled locally and edited:
Changed PROTOCOL to https on line 5 Changed NAMESPACE to my FQDN including subdomain (not sure if this is correct) on line 7 Changed tag_basename to my private gitlab server
added an up-df make command with --force-recreate on the docker-compose call
changed CHEVERETO_HOSTNAME to my fqdn + subdomain on line 57 increased max filesize, post size, and memory limit
Committed changes and pushed to private repo.
Ran make image + entered license key
Pushed the images to the private repo
Ran make up-d on the Chevereto VM server I have
Setup traefik as a reverse proxy for it Traefik handles the certificate signing. I use a wildcard that I bought, but I also have a Let's Encrypt config here as well.
Traefik can run directly on the same host as chevereto, but Caddy would probably be easier to implement into a docker-compose to bundle with Chevereto to handle certificates.
I'm actually still having problems with this setup.
This project doesn't handle https, there's an ongoing issue #17 for it. These https env vars are for just outputting URLs with https, the actual cert is not provided. I don't know yet the best way to provide HTTPS for this context, and I want to focus first into explain that the Makefile shouldn't be edited, what does the env vars do, in which layer you should change those etc.
You could also use Caddy or any other web server, even a server from your host (not Docker). But please note that Chevereto depends on server rules, and it was designed for Apache HTTP Server and Nginx.
For other servers you will require to translate these instructions, specially the php single entry point which denies any direct access to other php files.
I'm very interested in Caddy software, I will give it a try because it could make all this way easier.
I got it working with Traefik and HTTPS, I had some docker cache leftover that I was missing an env var for https, so I was loading mixed content.
Traefik is terminating SSL and passing http back to Chevereto... I did not look at the NGINX config at all, and it seems to be fine... but I need to go back and check my traefik config against nginx when I get a chance.
This project need a video guide to show users how this should be used. Also, it needs some non-technical explanations and recommendations on third party Docker management software that could be used.