mirror of
https://github.com/Gouryella/drip.git
synced 2026-02-27 14:50:52 +00:00
221 lines
3.7 KiB
Markdown
221 lines
3.7 KiB
Markdown
# Docker Deployment
|
|
|
|
## Quick Start
|
|
|
|
### Server (Production)
|
|
|
|
```bash
|
|
# Copy and configure environment
|
|
cp .env.example .env
|
|
nano .env
|
|
|
|
# Edit server configuration
|
|
DOMAIN=tunnel.example.com
|
|
AUTH_TOKEN=your-secret-token
|
|
TLS_CERT=1
|
|
TLS_KEY=1
|
|
|
|
# Place certificates
|
|
mkdir -p certs
|
|
cp /path/to/fullchain.pem certs/
|
|
cp /path/to/privkey.pem certs/
|
|
|
|
# Uncomment volume mount in docker-compose.yml
|
|
# - ./certs:/app/data/certs:ro
|
|
|
|
# Start server
|
|
docker compose up -d
|
|
|
|
# View logs
|
|
docker compose logs -f
|
|
```
|
|
|
|
### Client (Development/Testing)
|
|
|
|
```bash
|
|
# Copy and configure client environment
|
|
cp .env.example .env.client
|
|
nano .env.client
|
|
|
|
# Edit client configuration
|
|
SERVER_ADDR=tunnel.example.com:443
|
|
AUTH_TOKEN=your-secret-token
|
|
TUNNEL_TYPE=http
|
|
LOCAL_PORT=3000
|
|
|
|
# Start client
|
|
docker compose -f docker-compose.client.yml --env-file .env.client up -d
|
|
|
|
# View logs
|
|
docker compose -f docker-compose.client.yml logs -f
|
|
```
|
|
|
|
## Configuration
|
|
|
|
### Environment Variables
|
|
|
|
Create `.env` from `.env.example`:
|
|
|
|
```bash
|
|
DOMAIN=tunnel.example.com
|
|
AUTH_TOKEN=your-secret-token
|
|
```
|
|
|
|
### TLS Certificates
|
|
|
|
**Option 1: Auto TLS (Let's Encrypt)**
|
|
|
|
```bash
|
|
# Enable in .env
|
|
AUTO_TLS=1
|
|
|
|
# Ensure port 80 is accessible for ACME challenges
|
|
```
|
|
|
|
**Option 2: Manual Certificates**
|
|
|
|
```bash
|
|
# Place certificates in ./certs/
|
|
mkdir -p certs
|
|
cp fullchain.pem certs/cert.pem
|
|
cp privkey.pem certs/key.pem
|
|
|
|
# Uncomment in docker-compose.yml
|
|
# - ./certs:/app/data/certs:ro
|
|
|
|
# Enable in .env
|
|
TLS_CERT=1
|
|
TLS_KEY=1
|
|
```
|
|
|
|
## Data Persistence
|
|
|
|
All data is stored in Docker volumes:
|
|
|
|
- `drip-data`: Server data and certificates at `/app/data`
|
|
- `client-data`: Client configuration at `/app/data`
|
|
|
|
### Backup
|
|
|
|
```bash
|
|
# Backup server data
|
|
docker run --rm -v drip-data:/data -v $(pwd):/backup alpine tar czf /backup/drip-backup.tar.gz -C /data .
|
|
|
|
# Restore
|
|
docker run --rm -v drip-data:/data -v $(pwd):/backup alpine tar xzf /backup/drip-backup.tar.gz -C /data
|
|
```
|
|
|
|
## Port Mapping
|
|
|
|
| Container Port | Host Port | Purpose |
|
|
|---------------|-----------|---------|
|
|
| 80 | 80 | HTTP (ACME challenges) |
|
|
| 443 | 443 | HTTPS (main service) |
|
|
| 8080 | 8080 | HTTP (no TLS) |
|
|
| 20000-20100 | 20000-20100 | TCP tunnels |
|
|
|
|
## Management
|
|
|
|
### Server
|
|
|
|
```bash
|
|
# Start
|
|
docker compose up -d
|
|
|
|
# Stop
|
|
docker compose down
|
|
|
|
# Restart
|
|
docker compose restart
|
|
|
|
# View logs
|
|
docker compose logs -f
|
|
|
|
# Shell access
|
|
docker compose exec server sh
|
|
|
|
# Update
|
|
docker compose pull
|
|
docker compose up -d
|
|
```
|
|
|
|
### Client
|
|
|
|
```bash
|
|
# Start
|
|
docker compose -f docker-compose.client.yml up -d
|
|
|
|
# Stop
|
|
docker compose -f docker-compose.client.yml down
|
|
|
|
# View logs
|
|
docker compose -f docker-compose.client.yml logs -f
|
|
|
|
# Different tunnel types
|
|
TUNNEL_TYPE=http LOCAL_PORT=3000 docker compose -f docker-compose.client.yml up -d
|
|
TUNNEL_TYPE=https LOCAL_PORT=8443 docker compose -f docker-compose.client.yml up -d
|
|
TUNNEL_TYPE=tcp LOCAL_PORT=5432 docker compose -f docker-compose.client.yml up -d
|
|
```
|
|
|
|
## Production Deployment
|
|
|
|
### With Reverse Proxy
|
|
|
|
If using Nginx/Traefik in front:
|
|
|
|
```yaml
|
|
services:
|
|
server:
|
|
ports:
|
|
- "127.0.0.1:8080:8080" # Only expose to localhost
|
|
command: >
|
|
server
|
|
--domain tunnel.example.com
|
|
--port 8080
|
|
--token ${AUTH_TOKEN}
|
|
```
|
|
|
|
### Resource Limits
|
|
|
|
Adjust in `docker-compose.yml`:
|
|
|
|
```yaml
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: '2'
|
|
memory: 512M
|
|
```
|
|
|
|
## Troubleshooting
|
|
|
|
**Certificate errors**
|
|
|
|
```bash
|
|
# Check certificate files
|
|
docker compose exec server ls -la /app/data/certs
|
|
|
|
# Check server logs
|
|
docker compose logs server | grep -i tls
|
|
```
|
|
|
|
**Connection issues**
|
|
|
|
```bash
|
|
# Verify port accessibility
|
|
curl -I https://tunnel.example.com
|
|
|
|
# Check server status
|
|
docker compose exec server /app/drip server --help
|
|
```
|
|
|
|
**Reset everything**
|
|
|
|
```bash
|
|
# Stop and remove everything
|
|
docker compose down -v
|
|
|
|
# Start fresh
|
|
docker compose up -d
|
|
```
|