examples - nextcloud fix and moodle
This commit is contained in:
parent
2c33463af7
commit
e4bdd4af5d
|
@ -0,0 +1,46 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
|
||||
mywww:
|
||||
image: bunkerity/bunkerized-nginx
|
||||
restart: always
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
volumes:
|
||||
- ./letsencrypt:/etc/letsencrypt
|
||||
- ./server-confs:/server-confs # custom confs to reverse proxy to moodle
|
||||
environment:
|
||||
- SERVER_NAME=www.website.com # replace with your domain
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- REDIRECT_HTTP_TO_HTTPS=yes
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- MAX_CLIENT_SIZE=50m
|
||||
|
||||
mymoodle:
|
||||
image: bitnami/moodle
|
||||
restart: always
|
||||
volumes:
|
||||
- ./moodle-files:/bitnami/moodle
|
||||
- ./moodle-data:/bitnami/moodledata
|
||||
environment:
|
||||
- MOODLE_USERNAME=admin # replace with your moodle admin username
|
||||
- MOODLE_PASSWORD=password # replace with your moodle admin password
|
||||
- MOODLE_EMAIL=moodle@website.com # replace with your moodle admin email
|
||||
- MOODLE_SITE_NAME=My Moodle # replace with your moodle site name
|
||||
- MOODLE_DATABASE_HOST=mydb
|
||||
- MOODLE_DATABASE_NAME=moodle
|
||||
- MOODLE_DATABASE_USER=user
|
||||
- MOODLE_DATABASE_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
|
||||
mydb:
|
||||
image: mariadb
|
||||
restart: always
|
||||
volumes:
|
||||
- ./db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=moodle
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
|
@ -0,0 +1,8 @@
|
|||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
location / {
|
||||
if ($host = www.website.com) {
|
||||
proxy_pass http://mymoodle:8443$request_uri;
|
||||
}
|
||||
}
|
|
@ -13,6 +13,7 @@ services:
|
|||
- ./letsencrypt:/etc/letsencrypt
|
||||
- ./server-confs:/server-confs # custom nginx confs at server context to make Nextcloud working
|
||||
- ./modsec-crs-confs:/modsec-crs-confs # custom Core Rule Set confs to add Nextcloud exclusions
|
||||
- ./modsec-confs:/modsec-confs # disable some false positive
|
||||
environment:
|
||||
- SERVER_NAME=www.website.com # replace with your domain
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
|
@ -23,7 +24,7 @@ services:
|
|||
- REMOTE_PHP_PATH=/var/www/html
|
||||
- LIMIT_REQ_RATE=40r/s
|
||||
- LIMIT_REQ_BURST=60
|
||||
- ALLOWED_METHODS=GET|POST|HEAD|PROPFIND|DELETE|PUT
|
||||
- ALLOWED_METHODS=GET|POST|HEAD|PROPFIND|DELETE|PUT|MKCOL|MOVE|COPY|PROPPATCH|REPORT
|
||||
|
||||
mync:
|
||||
image: nextcloud:stable-fpm
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
SecRuleRemoveById 921110
|
|
@ -5,3 +5,11 @@ SecAction \
|
|||
pass,\
|
||||
t:none,\
|
||||
setvar:tx.crs_exclusions_nextcloud=1"
|
||||
|
||||
SecAction \
|
||||
"id:900200,\
|
||||
phase:1,\
|
||||
nolog,\
|
||||
pass,\
|
||||
t:none,\
|
||||
setvar:'tx.allowed_methods=GET HEAD POST PROPFIND DELETE PUT MKCOL MOVE COPY PROPPATCH REPORT'"
|
||||
|
|
|
@ -31,7 +31,7 @@ location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
|
|||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
|
||||
location ~ \.(?:css|js|woff2?|svg|gif|map|mp4)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue