Ajout draft configuration server codeberg-pages

2025-03-26 17:43:21 +01:00 · 2025-03-26 17:43:21 +01:00 · 655189a1f1
commit 655189a1f1
parent f284899c2f
1 changed files with 93 additions and 0 deletions
--- a/content/posts/tech/codeberg-pages-server/index.md
+++ b/content/posts/tech/codeberg-pages-server/index.md
@ -0,0 +1,93 @@
+---
+title: "Déployer un serveur Codeberg Pages"
+draft: true
+date: 2025-03-26
+---
+
+# Déployer le service
+
+Voici un exemple de `docker-compose.yml`.
+
+La documentation des variables d'environnement :
+<https://codeberg.org/Codeberg/pages-server#environment-variables>
+
+Pour le provider DNS, il faut adapter la variable `DNS_PROVIDER` à votre fournisseur de nom de domaine.
+Voir cette section de la documentation
+
+```yaml
+services:
+  pages-server:
+    image: codeberg.org/codeberg/pages-server:next
+    container_name: pages-server
+    restart: unless-stopped
+    environment:
+      - ACME_ACCEPT_TERMS=true
+      - ACME_EMAIL=email@email.com
+      - HOST=0.0.0.0
+      # To adapt to your provider see https://go-acme.github.io/lego/dns/
+      - DNS_PROVIDER=gandiv5 
+      - GANDIV5_PERSONAL_ACCESS_TOKEN=${GANDIV5_PERSONAL_ACCESS_TOKEN}
+      # End of provider specific variables
+      - FORGE_ROOT=https://git.example.com
+      - PAGES_DOMAIN=pages.example.com
+      - RAW_DOMAIN=raw.pages.example.com
+      - USE_PROXY_PROTOCOL=true
+```
+<!--ici un callout block-->
+IMPORTANT : Pour les URL et les sous-domaines, il ne faut surtout pas mettre de `"` (guillemets) autour, car le *parsing* ne se fera pas correctement et fera planter le serveur.
+
+Adapter la configuration notamment des réseaux docker si besoin pour votre *reverse proxy*.
+
+# Configuration du reverse proxy (SWAG)
+
+Voici un exemple de configuration pour le *reverse proxy* SWAG de LinuxServer.io.
+
+```nginx
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name pages.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app pages-server;
+        set $upstream_port 443;
+        set $upstream_proto https;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+        # The following lines enables SNI and thus make connection to pages-server work !
+        proxy_ssl_name          $host;
+        proxy_ssl_server_name   on;
+    }
+}
+```
+
+La suite quand ma configuration sera fonctionnelle.