finicky9298/quixotic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
03222840e48690eb937e1abbef3faf5501ab647b
quixotic/.serena/memories/docker-traefik-ssl-complete-setup.md
Andrey Kondratev 9d011cf4c5 ci
2025-08-28 16:50:32 +05:00

2.3 KiB
Raw Blame History

Complete Docker + Traefik + SSL Setup for Quixotic

Files Created/Modified

Docker Configuration

  • docker-compose.yml - Main orchestration with Traefik v3.0 + Certbot
  • Dockerfile - Multi-stage build, fixed ARM64 ffmpeg compatibility
  • .env.docker - Environment variables for production
  • traefik.yml - Static Traefik configuration
  • .dockerignore - Docker build exclusions
  • Dockerfile.base - Base image (created but not used)

SSL Setup

  • ssl-setup.sh - Automated SSL setup script for domains
  • Traefik configured for HTTP challenge (not TLS challenge)
  • Certbot service for additional certificate management
  • Auto-renewal every 12 hours

Key Features Implemented

Traefik Reverse Proxy

  • Automatic HTTPS with Let's Encrypt
  • HTTP to HTTPS redirect
  • Dashboard on port 8080 with basic auth
  • Docker provider with label-based routing

Docker Optimization

  • Multi-stage build for smaller images
  • Health checks for application
  • Persistent volumes for SSL certs and downloads
  • Non-root user for security

SSL/TLS

  • HTTP challenge for certificate validation
  • Automatic certificate renewal
  • Domain-based configuration via environment

Architecture Fixes

  • Fixed ffmpeg ARM64 compatibility issue
  • Changed from copied binaries to Alpine packages
  • Proper paths: /usr/bin/ffmpeg instead of /usr/local/bin/ffmpeg

Usage Commands

# Local development
docker-compose --env-file .env.docker up -d

# Production with SSL
./ssl-setup.sh yourdomain.com your-email@domain.com

# Management
npm run docker:up
npm run docker:down  
npm run docker:logs
npm run docker:rebuild

Access Points

Issues Resolved

  1. ffmpeg architecture mismatch (ARM vs x86_64) Fixed with Alpine packages instead of copied binaries

  2. npm ci lockfile sync issues Changed to npm install + npm prune

  3. SSL certificate complexity Automated with Traefik + Let's Encrypt + HTTP challenge

  4. Verbose logging in SoundCloud service
    Removed debug console.log statements

Current Status

  • Docker builds successfully
  • Traefik proxy working
  • SSL automation ready
  • ⚠️ ffmpeg conversion still needs testing after ARM64 fix
Reference in New Issue View Git Blame Copy Permalink