Adds arpita.site

4 years ago · c39046eeb7
parent 7fcb6875cc
commit c39046eeb7
3 changed files with 63 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,3 +10,4 @@ portainer-data
 drone-data
 site-data
 pihole-log
+ghost
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -153,3 +153,21 @@ services:
      - DRONE_SERVER=drone-server:9000
      - DRONE_SECRET=${DRONE_SECRET}

+  arpita_site:
+    image: ghost:2.21-alpine
+    restart: always
+    volumes:
+     - ./ghost/arpita_site:/var/lib/ghost/content
+    environment:
+    # see https://docs.ghost.org/docs/config#section-running-ghost-with-config-env-variables
+      url: https://arpita.site
+      database__client: mysql
+      database__connection__host: mariadb
+      database__connection__user: root
+      database__connection__password: ${MR_PASSWORD}
+      database__connection__database: arpita_site
+      mail__transport: SMTP
+      mail__from: "Server <ghost@arpita.site>"
+      mail__options__service: SMTP
+      mail__options__host: smtp
+      mail__options__port: 25
--- a/nginx-conf/arpita_site.conf
+++ b/nginx-conf/arpita_site.conf
@ -0,0 +1,44 @@
+server {
+    listen 443 ssl;
+    server_name arpita.site;
+
+    ssl_certificate /etc/nginx/certs/arpita_site/fullchain.pem;
+    ssl_certificate_key /etc/nginx/certs/arpita_site/privkey.pem;
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+
+    proxy_set_header X-Real-IP  $remote_addr; # pass on real client IP
+
+    location ~ .(aspx|php|jsp|cgi)$ {
+        deny all;
+    }
+
+    location / {
+            proxy_set_header X-Forwarded-For $remote_addr;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header Host $http_host;
+            proxy_pass http://arpita_site:2368;
+    }
+
+    # Block Bad Bots
+    if ($bad_bot) { return 403; }
+
+    # Block Bad Referers
+    if ($bad_referer) { return 403; }
+}
+
+server {
+    listen 80;
+    server_name arpita.site;
+    return 301 https://$host$request_uri;
+}
+
+# remove 'www'
+server {
+    listen 80;
+    listen 443 ssl;
+    server_name www.arpita.site;
+    return 301 https://arpita.site$request_uri;
+}