====== Pingvin Share ======
[[https://www.youtube.com/watch?v=ctiktCoqFoc]]
===== Docker installation =====
[[https://docs.docker.com/engine/install/debian/#install-using-the-repository]]
==== Adding Docker GPG key ====
sudo apt update
sudo apt install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
==== Add repository to apt sources ====
sudo tee /etc/apt/sources.list.d/docker.sources <
==== Installation ====
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
==== Post-install commands ====
systemctl enable docker
systemctl status docker
docker run hello-world
===== Pingvin Share repository clone =====
[[https://github.com/stonith404/pingvin-share]]
cd /opt
git clone https://github.com/stonith404/pingvin-share.git
cd pingvin-share
===== Configuration =====
==== Containers structure ====
pingvin-share/
├── docker-compose.yml
├── data/
│ └── images/
├── nginx/
│ └── conf.d/
└── certbot/
├── conf/
└── www/
==== docker-compose.yml ====
services:
pingvin-share:
image: stonith404/pingvin-share
restart: unless-stopped
environment:
- TRUST_PROXY=true
ports:
- "3000:3000"
volumes:
- "./data:/opt/app/backend/data"
- "./data/images:/opt/app/frontend/public/img"
networks:
- pingvin-net
nginx:
image: nginx:latest
container_name: nginx-reverse
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d:ro
- ./certbot/www:/var/www/certbot:rw
- ./certbot/conf:/etc/letsencrypt:rw
depends_on:
- pingvin-share
networks:
- pingvin-net
certbot:
image: certbot/certbot
volumes:
- ./certbot/www:/var/www/certbot:rw
- ./certbot/conf:/etc/letsencrypt:rw
depends_on:
- nginx
networks:
pingvin-net:
driver: bridge
==== Nginx reverse proxy configuration ====
mkdir -p nginx/conf.d
cd nginx/conf.d
touch yourconf.conf
nano yourconf.conf
server {
listen 80;
server_name yourdomain.com;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://yourdomain.com$request_uri;
}
}
#HASH BEFORE RUNNING CERTBOT
server {
listen 443 default_server ssl http2;
server_name yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
location / {
proxy_pass http://pingvin-share:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
* run **docker compose up -d**
==== Running certbot ====
docker compose run --rm certbot certonly \
--webroot \
--webroot-path /var/www/certbot \
-d yourdomain.com \
--email mail@yourdomain.com \
--agree-tos \
--no-eff-email
==== Post-install steps ====
* unhash nginx/conf.d/yourconf.conf
* run commands
docker compose restart nginx
docker ps