Skip to content
Find file Normal view History Permalink
README.md 2.2 KiB
Newer Older
Pierre Ozoux's avatar
typos  
Pierre Ozoux committed
1 2 
# HAProxy
HAProxy for IndieHosters
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
3 4 5 6 7 

## What is it?

This repository contains one of the most advanced and libre HAproxy for docker setup that we are aware of.
It ships with:
Pierre Ozoux's avatar
give some :heart:  
Pierre Ozoux committed
8 
 - container discovery though docker API (like [smartstack](http://nerds.airbnb.com/smartstack-service-discovery-cloud/)) based on Env var `VIRTUAL_HOST` (Based on [docker-gen](https://github.com/jwilder/docker-gen))
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
9 10 11 
 - [ocsp](https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol)
 - [letsencrypt](https://letsencrypt.org/)
Pierre Ozoux's avatar
give some :heart:  
Pierre Ozoux committed
12 
Each time you add a container with the environment variable `VIRTUAL_HOST` it will:
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
13 14 15 16 17 18 19 20 21 
 - generate a valid certificate (if the dns is pointing correctly)
 - serves the OCSP response
 - serves your web container with https

## Prerequistes

 - docker
 - docker-compose
Michel Memeteau's avatar
Update README.md  
Michel Memeteau committed
22 
## Get started ( for libre.sh  )
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
23 24 

```
Michel Memeteau's avatar
Update README.md  
Michel Memeteau committed
25 
# docker network create lb_web (already done when you install libre.sh )
Michel Memeteau's avatar
Update README.md  
Michel Memeteau committed
26 27 
cd /system/
git clone https://lab.libreho.st/libre.sh/compose/haproxy
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
28 
cd haproxy
Michel Memeteau's avatar
Update README.md  
Michel Memeteau committed
29 30 
libre enable
libre start
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
31 32 
```
Pierre Ozoux's avatar
Update with lb_web network, fixes #6  
Pierre Ozoux committed
33 
In these commands, we just created one network (lb_web) to isolate HAProxy with the web servers, and then, we started the containers of HAProxy and companions.
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
34 35 

```
Pierre Ozoux's avatar
Update with lb_web network, fixes #6  
Pierre Ozoux committed
36 
docker run --network=lb_web -e VIRTUAL_HOST=example.org nginx
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
37 38 
```
Pierre Ozoux's avatar
Update with lb_web network, fixes #6  
Pierre Ozoux committed
39 40 41 42 43 44 45 46 47 
Here, we just started the most simple web server, and added to the lb_web network.
The only thing that HAProxy needs to see and connect to this container are the following:
 - expose a port 80
 - have a VIRTUAL_HOST variable setup with the domain name
 - be in the lb_web network
 
And finally for HAProxy to be able to provision the Let's encrypt certificate, you need to configure your DNS for example.org to point to the IP of HAProxy.
Pierre Ozoux's avatar
First commit  
Pierre Ozoux committed
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 
## Contributing

If you have any issue (something not working, missing doc), please do report an issue here! Thanks

This system is used in production at [IndieHosters](https://indiehosters.net/) so it is maintained. If you use it, please tell us, and we'll be really happy to update this README!

You can help us by:
 - starring this project
 - sending us a thanks email
 - reporting bugs
 - writing documentation/blog on how you got up and running in 5mins
 - writing more documentation
 - sending us cake :) We loove cake!

## TODO

 - renewal :)
 - docker-swarm compatibility