drip/deployments/README.md

Docker Deployment

Quick Start

Server (Production)

# Copy and configure environment
cp .env.example .env
nano .env

# Edit server configuration (these lines go in .env)
DOMAIN=tunnel.example.com
# Placeholder: replace with a long random secret
AUTH_TOKEN=your-secret-token
TLS_CERT=1
TLS_KEY=1

# Place certificates
mkdir -p certs
cp /path/to/fullchain.pem certs/
cp /path/to/privkey.pem certs/

# Uncomment volume mount in docker-compose.yml
# - ./certs:/app/data/certs:ro

# Start server
docker compose up -d

# View logs
docker compose logs -f

Client (Development/Testing)

# Copy and configure client environment
cp .env.example .env.client
nano .env.client

# Edit client configuration (these lines go in .env.client)
SERVER_ADDR=tunnel.example.com:443
AUTH_TOKEN=your-secret-token
TUNNEL_TYPE=http
LOCAL_PORT=3000

# Start client
docker compose -f docker-compose.client.yml --env-file .env.client up -d

# View logs
docker compose -f docker-compose.client.yml logs -f

Configuration

Environment Variables

Create .env from .env.example:

DOMAIN=tunnel.example.com
AUTH_TOKEN=your-secret-token

TLS Certificates

Option 1: Auto TLS (Let's Encrypt)

# Enable in .env
AUTO_TLS=1

# Ensure port 80 is accessible for ACME challenges

Option 2: Manual Certificates

# Place certificates in ./certs/
mkdir -p certs
cp fullchain.pem certs/cert.pem
cp privkey.pem certs/key.pem

# Uncomment in docker-compose.yml
# - ./certs:/app/data/certs:ro

# Enable in .env
TLS_CERT=1
TLS_KEY=1
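
A pre-flight check for the .env and ./certs setup described above, as an added example that is not part of the drip repository. The function names, the 32-character token minimum and the use of the Option 2 file names (cert.pem, key.pem) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the drip repository.
# Assumptions: the 32-character minimum is this example's choice, and the
# certificate file names follow "Option 2: Manual Certificates".

# Print the value of KEY ($2) from env file ($1); the file is never sourced.
env_get() {
    sed -n "s/^$2=//p" "$1" 2>/dev/null | tail -n 1
}

# Succeeds if the file is readable by group or others.
loose_perms() {
    [ -n "$(find "$1" \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]
}

# Usage: drip_preflight ENV_FILE CERT_DIR
# Prints one line per finding and returns the number of findings.
drip_preflight() {
    env_file=$1; cert_dir=$2; findings=0
    flag() { echo "preflight: $1"; findings=$((findings + 1)); }

    [ -f "$env_file" ] || { flag "$env_file not found"; return "$findings"; }
    loose_perms "$env_file" && flag "$env_file is readable by group/others (holds AUTH_TOKEN)"

    token=$(env_get "$env_file" AUTH_TOKEN)
    if [ -z "$token" ] || [ "$token" = "your-secret-token" ]; then
        flag "AUTH_TOKEN is empty or still the placeholder from .env.example"
    elif [ "${#token}" -lt 32 ]; then
        flag "AUTH_TOKEN is shorter than 32 characters"
    fi

    # Manual certificates: both files must exist and the key must stay private.
    if [ "$(env_get "$env_file" TLS_CERT)" = 1 ] || [ "$(env_get "$env_file" TLS_KEY)" = 1 ]; then
        for f in cert.pem key.pem; do
            [ -s "$cert_dir/$f" ] || flag "$cert_dir/$f is missing or empty"
        done
        loose_perms "$cert_dir/key.pem" && flag "$cert_dir/key.pem is readable by group/others"
    fi
    return "$findings"
}

# Example call: drip_preflight .env certs && docker compose up -d
```

If the container runs as a non-root user, key.pem must be owned by that UID for an owner-only mode to remain readable through the bind mount.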

Data Persistence

All data is stored in Docker volumes:

  • drip-data: Server data and certificates at /app/data
  • client-data: Client configuration at /app/data

Backup

# Backup server data (the archive holds everything under /app/data, including certificates; keep it private)
docker run --rm -v drip-data:/data -v "$(pwd)":/backup alpine tar czf /backup/drip-backup.tar.gz -C /data .

# Restore
docker run --rm -v drip-data:/data -v "$(pwd)":/backup alpine tar xzf /backup/drip-backup.tar.gz -C /data

Port Mapping

Container Port   Host Port     Purpose
80               80            HTTP (ACME challenges)
443              443           HTTPS (main service)
8080             8080          HTTP (no TLS)
20000-20100      20000-20100   TCP tunnels

Management

Server

# Start
docker compose up -d

# Stop
docker compose down

# Restart
docker compose restart

# View logs
docker compose logs -f

# Shell access
docker compose exec server sh

# Update
docker compose pull
docker compose up -d

Client

# Start
docker compose -f docker-compose.client.yml up -d

# Stop
docker compose -f docker-compose.client.yml down

# View logs
docker compose -f docker-compose.client.yml logs -f

# Different tunnel types
TUNNEL_TYPE=http LOCAL_PORT=3000 docker compose -f docker-compose.client.yml up -d
TUNNEL_TYPE=https LOCAL_PORT=8443 docker compose -f docker-compose.client.yml up -d
TUNNEL_TYPE=tcp LOCAL_PORT=5432 docker compose -f docker-compose.client.yml up -d

Production Deployment

With Reverse Proxy

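If Nginx or Traefik runs in front of the server, publish the plain-HTTP port on localhost only so that it is reachable solely through the proxy: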

services:
  server:
    ports:
      - "127.0.0.1:8080:8080"  # Only expose to localhost
    command: >
      server
      --domain tunnel.example.com
      --port 8080
      --token ${AUTH_TOKEN}

Resource Limits

Adjust in docker-compose.yml:

deploy:
  resources:
    limits:
      cpus: '2'
      memory: 512M

Troubleshooting

Certificate errors

# Check certificate files
docker compose exec server ls -la /app/data/certs

# Check server logs
docker compose logs server | grep -i tls

Connection issues

# Verify port accessibility
curl -I https://tunnel.example.com

# Confirm the drip binary runs inside the container
docker compose exec server /app/drip server --help

Reset everything

# Stop and remove everything, including the Docker volumes (-v deletes drip-data: server data and certificates)
docker compose down -v

# Start fresh
docker compose up -d