Update README.md

Added Reverse Proxy and Ports to the docker-compose.yml
2022-12-15 20:51:34 +01:00 · 2022-12-15 20:51:34 +01:00 · eebc91de63
commit eebc91de63
parent 8fe3b29e69
1 changed files with 32 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -67,6 +67,8 @@ services:
    restart: always
    volumes:
      - '/local/path/to/data:/data'
+    ports:
+      - 5000:5000
  cli:
    image: 'ghcr.io/g3rv4/fakerelay:latest'
    volumes:
@ -75,6 +77,35 @@ services:

 That will store the configuration files at `/local/path/to/data` (they are a couple json files).

+### Setup SSL reverse proxy
+The relay needs to be accessible via a domain name with https. The subdomain can be served via a reverse proxy that also handles the SSL encryption. 
+
+#### Nginx config file
+```
+server {
+  listen 443 ssl http2;
+  listen [::]:443 http2 ssl;
+
+  # Uncomment and change these lines if you want to restrict access to fakerelay
+  # allow Your-Instance-IPv6-address;
+  # allow Your-Instance-IPv4-address;
+  # allow GetMoarFediverse-Container-IP;
+  # deny all;
+
+  server_name relay.domain.tld;
+
+  location / {
+    proxy_pass http://127.0.0.1:5000;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $host;
+    proxy_max_temp_file_size 0;
+  }
+
+    #ssl_certificate /etc/letsencrypt/live/relay.domain.tld/fullchain.pem; # managed by Certbot
+    #ssl_certificate_key /etc/letsencrypt/live/relay.domain.tld/privkey.pem; # managed by Certbot
+}
+```
+
 ### Configure the app

 The first time you run this it needs to create a key, you can trigger that using:
@ -132,4 +163,4 @@ If you want to revoke a instance's key, you can use `instance delete`:
 ```
 g3rv4@s1:~/docker/FakeRelay$ docker-compose run --rm cli instance delete mastodon.social
 Key deleted for mastodon.social
-```
+```