Skip to content

Commit b74ffb3

Browse files
CodeShellDevCodeShellDev
committed
2 parents adbf4cf + ee01fdc commit b74ffb3

File tree

1 file changed

+19
-30
lines changed

1 file changed

+19
-30
lines changed

README.md

Lines changed: 19 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -89,41 +89,30 @@ And add secure Token(s) to `api.tokens`. See [API TOKENs](#api-tokens).
8989

9090
### Reverse Proxy
9191

92+
##### Traefik
93+
9294
Take a look at the [traefik](https://github.com/traefik/traefik) implementation:
9395

9496
```yaml
95-
services:
96-
secured-signal:
97-
image: ghcr.io/codeshelldev/secured-signal-api:latest
98-
container_name: secured-signal
99-
environment:
100-
API__URL: http://signal-api:8080
101-
SETTINGS__VARIABLES__RECIPIENTS:
102-
'[+123400002,+123400003,+123400004]'
103-
SETTINGS__VARIABLES__NUMBER: "+123400001"
104-
API__TOKENS: '[LOOOOOONG_STRING]'
105-
labels:
106-
- traefik.enable=true
107-
- traefik.http.routers.signal-api.rule=Host(`signal-api.mydomain.com`)
108-
- traefik.http.routers.signal-api.entrypoints=websecure
109-
- traefik.http.routers.signal-api.tls=true
110-
- traefik.http.routers.signal-api.tls.certresolver=cloudflare
111-
- traefik.http.routers.signal-api.service=signal-api-svc
112-
- traefik.http.services.signal-api-svc.loadbalancer.server.port=8880
113-
- traefik.docker.network=proxy
114-
restart: unless-stopped
115-
networks:
116-
proxy:
117-
backend:
118-
aliases:
119-
- secured-signal-api
97+
{ { file.examples/traefik/traefik.docker-compose.yaml } }
98+
```
12099

121-
networks:
122-
backend:
123-
proxy:
124-
external: true
100+
#### NGINX Proxy
101+
102+
This is the [NGINX](https://github.com/nginx/nginx) `docker-compose.yaml` file:
103+
104+
```yaml
105+
{ { file.examples/nginx/nginx.docker-compose.yaml } }
106+
```
107+
108+
Create a `nginx.conf` file in the `docker-compose.yaml` folder and mount it to `etc/nginx/conf.d/default.conf`:
109+
110+
```conf
111+
{ { file.examples/nginx/nginx.conf } }
125112
```
126113

114+
Lastly add your `cert.key` and `cert.crt` into your `certs/` folder and mount it to `/etc/nginx/ssl`.
115+
127116
## Setup
128117

129118
Before you can send messages via Secured Signal API you must first set up [Signal rAPI](https://github.com/bbernhard/signal-cli-rest-api/blob/master/doc/EXAMPLES.md)
@@ -198,7 +187,7 @@ you have to add `@` in front of any KeyValue Pair assignment.
198187
199188
Supported types include **strings**, **ints** and **arrays**. See [Formatting](#string-to-type).
200189
201-
## Security: Best Practices
190+
## Best Practices
202191
203192
- Always use API tokens in production
204193
- Run behind a TLS-enabled [Reverse Proxy](#reverse-proxy) (Traefik, Nginx, Caddy)

0 commit comments

Comments
 (0)