From 655189a1f11bf36c8a19dd3e540586be31931836 Mon Sep 17 00:00:00 2001 From: Louis Date: Wed, 26 Mar 2025 17:43:21 +0100 Subject: [PATCH] Ajout draft configuration server codeberg-pages --- .../posts/tech/codeberg-pages-server/index.md | 93 +++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 content/posts/tech/codeberg-pages-server/index.md diff --git a/content/posts/tech/codeberg-pages-server/index.md b/content/posts/tech/codeberg-pages-server/index.md new file mode 100644 index 0000000..f73b32b --- /dev/null +++ b/content/posts/tech/codeberg-pages-server/index.md @@ -0,0 +1,93 @@ +--- +title: "Déployer un serveur Codeberg Pages" +draft: true +date: 2025-03-26 +--- + +# Déployer le service + +Voici un exemple de `docker-compose.yml`. + +La documentation des variables d'environnement : + + +Pour le provider DNS, il faut adapter la variable `DNS_PROVIDER` à votre fournisseur de nom de domaine. +Voir cette section de la documentation + +```yaml +services: + pages-server: + image: codeberg.org/codeberg/pages-server:next + container_name: pages-server + restart: unless-stopped + environment: + - ACME_ACCEPT_TERMS=true + - ACME_EMAIL=email@email.com + - HOST=0.0.0.0 + # To adapt to your provider see https://go-acme.github.io/lego/dns/ + - DNS_PROVIDER=gandiv5 + - GANDIV5_PERSONAL_ACCESS_TOKEN=${GANDIV5_PERSONAL_ACCESS_TOKEN} + # End of provider specific variables + - FORGE_ROOT=https://git.example.com + - PAGES_DOMAIN=pages.example.com + - RAW_DOMAIN=raw.pages.example.com + - USE_PROXY_PROTOCOL=true +``` + +IMPORTANT : Pour les URL et les sous-domaines, il ne faut surtout pas mettre de `"` (guillemets) autour, car le *parsing* ne se fera pas correctement et fera planter le serveur. + +Adapter la configuration notamment des réseaux docker si besoin pour votre *reverse proxy*. + +# Configuration du reverse proxy (SWAG) + +Voici un exemple de configuration pour le *reverse proxy* SWAG de LinuxServer.io. + +```nginx +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name pages.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pages-server; + set $upstream_port 443; + set $upstream_proto https; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + # The following lines enables SNI and thus make connection to pages-server work ! + proxy_ssl_name $host; + proxy_ssl_server_name on; + } +} +``` + +La suite quand ma configuration sera fonctionnelle.