From 97ab3f4012c7573770db5e7c75f56bfc8ccbd176 Mon Sep 17 00:00:00 2001 From: notplants Date: Mon, 12 Jan 2026 16:17:42 -0500 Subject: [PATCH] working recipe using nginx --- README.md | 2 +- compose.yml | 6 +++--- config.js.tmpl | 8 +++----- nginx.conf.tmpl | 13 ++----------- 4 files changed, 9 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index fd108fe..196110c 100644 --- a/README.md +++ b/README.md @@ -27,4 +27,4 @@ 6. Open the configured domain in your browser to finish set-up [`abra`]: https://git.coopcloud.tech/coop-cloud/abra -[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik +[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik \ No newline at end of file diff --git a/compose.yml b/compose.yml index 0665e3a..dd04d84 100644 --- a/compose.yml +++ b/compose.yml @@ -12,8 +12,8 @@ services: # Traefik can't use HTTP2 to communicate with cryptpat_websocket # A workaroung is disabling HTTP2 in Nginx - "CPAD_HTTP2_DISABLE=true" - - "CPAD_REALIP_RECURSIVE=on" - - "CPAD_REALIP_HEADER=X-Real-Ip" +# - "CPAD_REALIP_RECURSIVE=on" +# - "CPAD_REALIP_HEADER=X-Real-Ip" - "CPAD_TRUST_PROXY=1" - "CPAD_CONF=/cryptpad/config/config.js" @@ -72,7 +72,7 @@ services: - "traefik.docker.network=proxy" - "traefik.http.routers.${STACK_NAME}.tls=true" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8083" - - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}` `${SANDBOX_DOMAIN}` ${EXTRA_DOMAINS})" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`, `${SANDBOX_DOMAIN}` ${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" diff --git a/config.js.tmpl b/config.js.tmpl index 706470e..ac5b563 100644 --- a/config.js.tmpl +++ b/config.js.tmpl @@ -46,8 +46,7 @@ module.exports = { * cryptpad/docs/example.nginx.conf (see the $main_domain variable) * */ - //httpUnsafeOrigin: 'https://{{ env "CPAD_MAIN_DOMAIN" }}', - httpUnsafeOrigin: 'http://localhost:3000', + httpUnsafeOrigin: 'https://{{ env "CPAD_MAIN_DOMAIN" }}', /* httpSafeOrigin is the URL that is used for the 'sandbox' described above. * If you're testing or developing with CryptPad on your local machine then @@ -68,8 +67,7 @@ module.exports = { * * CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS. */ - //httpSafeOrigin: 'https://{{ env "CPAD_SANDBOX_DOMAIN" }}', - //httpSafeOrigin: 'http://localhost:3001', + httpSafeOrigin: 'https://{{ env "CPAD_SANDBOX_DOMAIN" }}', /* httpAddress specifies the address on which the nodejs server * should be accessible. By default it will listen on 127.0.0.1 @@ -77,7 +75,7 @@ module.exports = { * all addresses, including IPv6, set this to '::'. * */ - //httpAddress: '::', + httpAddress: '::', /* httpPort specifies on which port the nodejs server should listen. * By default it will serve content over port 3000, which is suitable diff --git a/nginx.conf.tmpl b/nginx.conf.tmpl index b4017c0..3fee226 100644 --- a/nginx.conf.tmpl +++ b/nginx.conf.tmpl @@ -1,12 +1,3 @@ -upstream cryptpad_app { - server {{ env "STACK_NAME" }}_app:3000; -} - -upstream cryptpad_ws { - #server {{ env "STACK_NAME" }}_app:3003; - server {{ env "STACK_NAME" }}_app:3000; -} - server { listen 8083; server_name localhost; @@ -18,7 +9,7 @@ server { # Main CryptPad app location / { - proxy_pass http://cryptpad_app; + proxy_pass http://{{ env "STACK_NAME" }}_app:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; @@ -34,7 +25,7 @@ server { # WebSocket endpoint location ^~ /cryptpad_websocket { - proxy_pass http://cryptpad_ws; + proxy_pass http://{{ env "STACK_NAME" }}_app:3003; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr;