add docker-compose stack

.env.example

@@ -0,0 +1,2 @@
+EMAIL=email@example.org
+DOMAIN=MY-DOMAIN.com

config.sample.js

@@ -24,9 +24,11 @@ module.exports = {
 
     Both cases require you to type the domain where the files will be served on the `domain` key below.
     Which one you use is ultimately up to you.
+
+    Leave this as "false" if using docker.
   */
   serveFilesWithNode: false,
-  domain: 'https://lolisafe.moe',
+  domain: 'https://xml.bz',
 
   /*
     If you are serving your files with a different domain than your lolisafe homepage,
@@ -36,7 +38,7 @@ module.exports = {
   homeDomain: null,
 
   /*
-    Port on which to run the server.
+    Port on which to run the server. Do not change this if using docker. Change in .env.
   */
   port: 9999,
 

docker-compose.yaml

@@ -0,0 +1,63 @@
+version: '3.8'
+
+networks:
+  net:
+    driver: bridge
+
+services:
+  safe:
+    image: lolisafe/lolisafe
+    volumes:
+      - ./config.js:/usr/src/lolisafe/config.js:ro
+      - ./uploads:/usr/src/lolisafe/uploads
+    restart: unless-stopped
+    networks:
+      - net
+
+  nginx:
+    image: nginx
+    volumes:
+      - ./nginx.docker.conf:/etc/nginx/conf.d/default.conf:ro
+      - ./uploads:/uploads
+    expose:
+      - 80
+    restart: unless-stopped
+    depends_on:
+      - safe
+    networks:
+      - net
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.xml.rule=Host(`${DOMAIN}`)'
+      - 'traefik.http.routers.xml.entrypoints=https'
+      - 'traefik.http.routers.xml.tls=true'
+      - 'traefik.http.routers.xml.tls.certresolver=letsencrypt'
+
+  traefik:
+    image: traefik:latest
+    container_name: traefik
+    volumes:
+      - ./traefik/acme.json:/acme.json
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - net
+    ports:
+      - 80:80
+      - 443:443
+    command:
+      - '--log.level=INFO'
+      - '--providers.docker=true'
+      - '--providers.docker.exposedByDefault=false'
+      - '--entrypoints.http=true'
+      - '--entrypoints.http.address=:80'
+      - '--certificatesresolvers.letsencrypt.acme.email=${EMAIL}'
+      - '--certificatesresolvers.letsencrypt.acme.storage=acme.json'
+      - '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http'
+      - '--entrypoints.http.http.redirections.entrypoint.to=https'
+      - '--entrypoints.http.http.redirections.entrypoint.scheme=https'
+      - '--entrypoints.https=true'
+      - '--entrypoints.https.address=:443'
+    restart: unless-stopped
+    depends_on:
+      - nginx
+

nginx.docker.conf

@@ -0,0 +1,41 @@
+upstream backend {
+    server safe:9999; # Change to the port you specified on lolisafe
+}
+
+map $sent_http_content_type $charset {
+	~^text/ utf-8;
+}
+
+server {
+    listen 80;
+
+    client_max_body_size 10000M; # Change this to the max file size you want to allow
+
+	charset $charset;
+	charset_types *;
+
+	# Uncomment if you are running lolisafe behind CloudFlare.
+	# This requires NGINX compiled from source with:
+	#	--with-http_realip_module
+	#include /path/to/lolisafe/real-ip-from-cf;
+
+	location / {
+		add_header Access-Control-Allow-Origin *;
+		root /uploads;
+		try_files $uri @proxy;
+	}
+
+    location @proxy {
+        proxy_set_header X-Real-IP $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_pass http://backend;
+        proxy_redirect off;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_redirect off;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}