Move ssl setup to separate compose file

Jeroen Peelaerts
2021-02-13 12:05:07 +01:00
parent ddcfc0c3f0
commit a6cc04f49f
5 changed files with 113 additions and 52 deletions


@@ -38,31 +38,16 @@ From now onwards OSPOS can be deployed using Docker on Linux and Mac, locally or
This setup dramatically reduces the number of possible issues as all setup is now done in a Dockerfile.
Docker runs natively on Mac and Linux. Please refer to the docker documentation for instructions on how to set it up on your platform.
Since OSPOS version 3.3.0 the docker installation offers a reverse proxy based on nginx with a (if local) Self signed certificate termination (aka HTTPS connection).
Behind the reverse proxy you can access OSPOS using https (port 443) and myPhpAdmin using port 8000.
Port 80 (standard http) is not available for OSPOS, it's only available for a cert manager service in case of server installation.
***Be aware that this setup is not suited for production usage. Change the default passwords in the compose file before exposing the containers publicly.***
* To build and run the image, download the latest build from bintray.
* Install envsubst from https://github.com/a8m/envsubst on your machine
* Issue the following commands in a terminal with docker installed:
Start the containers using following command
```
docker/install-local.sh
```
* When required to renew a certificate say (y)es.
* When the script has terminated to run, wait about a minute before connecting to https://127.0.0.1.
* The web browser will warn you of a self certificate exception, accept and continue
* If you do https://127.0.0.1:8000 (port 8000) instead, you would be able to access a phpMyAdmin service connected to OSPOS MariaDB
* To stop the docker issue the following command:
```
docker/uninstall.sh
docker-compose up
```
Host install using Docker
Nginx install using Docker
-------------------------
Since OSPOS version 3.3.0 the docker installation offers a reverse proxy based on nginx with a Letsencrypt TLS certificate termination (aka HTTPS connection).
@@ -76,13 +61,7 @@ The variable STAGING needs to be set to 0 when you are confident your configurat
Follow local install steps, but instead of
```
docker/install-local.sh
```
use
```
docker/install-server.sh
docker/install-nginx.sh
```
Do not use

102
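--- a/docker-compose.nginx.yml
+++ b/docker-compose.nginx.yml
@@ -0,0 +1,102 @@
+version: '3.4'
+volumes:
+uploads:
+driver: local
+logs:
+driver: local
+networks:
+app_net:
+db_net:
+services:
+ospos:
+image: jekkos/opensourcepos:3.3.3
+restart: always
+depends_on:
+- mysql
+expose:
+- "80"
+networks:
+- app_net
+- db_net
+volumes:
+- uploads:/app/public/uploads
+- logs:/app/application/logs
+environment:
+- CI_ENV=${OSPOS_CI_ENV}
+- FORCE_HTTPS=true
+- PHP_TIMEZONE=UTC
+- MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME}
+- MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD}
+- MYSQL_DB_NAME=ospos
+- MYSQL_HOST_NAME=mysql
+mysql:
+image: mariadb:10.5
+container_name: mysql
+restart: always
+expose:
+- "3306"
+networks:
+- db_net
+volumes:
+- ./database/database.sql:/docker-entrypoint-initdb.d/database.sql
+- ./database:/var/lib/mysql:rw
+environment:
+- MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD}
+- MYSQL_DATABASE=ospos
+- MYSQL_USER=${OSPOS_MYSQL_USERNAME}
+- MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD}
+phpmyadmin:
+image: phpmyadmin/phpmyadmin
+container_name: phpmyadmin
+restart: always
+depends_on:
+- mysql
+expose:
+- "80"
+networks:
+- app_net
+- db_net
+environment:
+- MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME}
+- MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD}
+- PMA_HOST=mysql
+nginx:
+image: nginx:1.19-alpine
+container_name: nginx
+restart: always
+depends_on:
+- ospos
+- phpmyadmin
+- certbot
+volumes:
+- ./docker/data/nginx/nginx.tmpl:/etc/nginx/nginx.tmpl:ro
+- ./docker/data/nginx/error_log.log:/etc/nginx/error_log.log
+- ./docker/data/certbot/conf:/etc/letsencrypt:ro
+- ./docker/data/certbot/www:/var/www/certbot:ro
+ports:
+- "80:80"
+- "443:443"
+- "8000:8000"
+networks:
+- app_net
+environment:
+- WEB_DOMAIN=${OSPOS_DOMAIN_NAME}
+- ESC=$$
+command: "/bin/sh -c 'envsubst < /etc/nginx/nginx.tmpl > /etc/nginx/nginx.conf & while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
+certbot:
+image: certbot/certbot
+container_name: certbot
+restart: always
+volumes:
+- ./docker/data/certbot/conf:/etc/letsencrypt
+- ./docker/data/certbot/www:/var/www/certbot
+networks:
+- app_net
+entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"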
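Review bot: The nginx service publishes `- "8000:8000"` on all host interfaces, and per the README text on this page that port fronts phpMyAdmin, which this file hands `MYSQL_ROOT_PASSWORD`; on the Let's Encrypt server install that leaves a database admin console reachable from the public address. Bind it to loopback with `- "127.0.0.1:8000:8000"` and reach it through an SSH tunnel, or leave the phpmyadmin service out of this file. `image: phpmyadmin/phpmyadmin` and `image: certbot/certbot` carry no tag while the other three images are pinned; pin them so a pull cannot silently change what runs next to the database credentials and the certificate keys. In the nginx `command`, `envsubst ... &` is backgrounded, so nginx may start before `nginx.conf` has been written; a `;` in place of that first `&` keeps the order.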


@@ -28,8 +28,8 @@ services:
- CI_ENV=${OSPOS_CI_ENV}
- FORCE_HTTPS=true
- PHP_TIMEZONE=UTC
- MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME}
- MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD}
- MYSQL_USERNAME=admin
- MYSQL_PASSWORD=pointofsale
- MYSQL_DB_NAME=ospos
- MYSQL_HOST_NAME=mysql
@@ -43,10 +43,9 @@ services:
- db_net
volumes:
- ./database/database.sql:/docker-entrypoint-initdb.d/database.sql
- database:/var/lib/mysql:rw
environment:
- MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD}
- MYSQL_ROOT_PASSWORD=pointofsale
- MYSQL_DATABASE=ospos
- MYSQL_USER=${OSPOS_MYSQL_USERNAME}
- MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD}
- MYSQL_USER=admin
- MYSQL_PASSWORD=pointofsale
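Review bot: The literal values in both hunks (`MYSQL_USERNAME=admin`, `MYSQL_PASSWORD=pointofsale`, `MYSQL_ROOT_PASSWORD=pointofsale`) appear to be the new side, replacing the `${OSPOS_MYSQL_*}` substitutions; the +/- markers are lost on this page, so that reading is inferred from the deletion of the .env-loading install script in the same commit. That commits a known credential pair to the repository and gives the database root account the same password as the application user. Keeping the substitution with a fallback for the app user, `- MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD:-pointofsale}`, and making the root secret an explicit choice, `- MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD:?set a root password}`, would stop the default from following the file into a deployment. The second hunk's header (10 lines down to 9) suggests `database:/var/lib/mysql:rw` is dropped as well, which would presumably leave the MariaDB data in an anonymous volume; if that is intended, a comment above `volumes:` should say so.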


@@ -1,17 +0,0 @@
#!/bin/bash
cd docker
# load local environment variables
if [ ! -e ".env" ]; then
echo "The .env (environment variables) file is missing"
exit 1
fi
. ./.env
/bin/bash ./build_assets.sh
docker-compose -f ../docker-compose.yml build
/bin/bash ./init-selfcert.sh


@@ -10,8 +10,6 @@ fi
. ./.env
/bin/bash ./build_assets.sh
docker-compose -f ../docker-compose.yml build
docker-compose -f ../docker-compose.nginx.yml build
/bin/bash ./init-letsencrypt.sh