update nginx

deployment/docker-compose.yml

@@ -79,7 +79,7 @@ services:
      - chatbot
     environment:
       - CHAT_DOMAIN=${DOMAIN:-"localhost"}
-      - PROD_DOMAIN=${DOMAIN2:-assistant.bible}
+      - PROD_DOMAIN=${DOMAIN2:- faithbridge.multilingualai}
     volumes:
      - ./nginx/nginx.conf.template:/etc/nginx/templates/default.conf.template:ro
      # - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
@@ -94,6 +94,9 @@ services:
     volumes:
      - ./certbot/www/:/var/www/certbot/:rw
      - ./certbot/conf/:/etc/letsencrypt/:rw
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+    command: certonly --webroot --webroot-path=/var/www/certbot --email [email protected]  --agree-tos --no-eff-email --non-interactive --deploy-hook "nginx -s reload" -d faithbridge.multilingualai.com -d www.faithbridge.multilingualai.com
+
     networks:
      - chatbot-network
 

deployment/nginx/nginx.conf.template

@@ -22,3 +22,61 @@ server {
 
 }
 
+
+server {
+    listen 443 default_server ssl http2;
+    listen [::]:443 ssl http2;
+
+    server_name ${CHAT_DOMAIN};
+
+    client_max_body_size 100M;
+
+    proxy_read_timeout 300;
+    proxy_connect_timeout 300;
+    proxy_send_timeout 300;
+
+    ssl_certificate /etc/nginx/ssl/live/${CHAT_DOMAIN}/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/live/${CHAT_DOMAIN}/privkey.pem;
+
+    location /chat {
+        proxy_pass http://chatbot:9000/chat;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
+    location / {
+         # Important, make sure you always remove the trailing slash
+         proxy_pass http://chatbot:9000;    
+         proxy_set_header      X-Real-IP $remote_addr;
+         proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
+         proxy_set_header      Host $http_host;
+         proxy_set_header X-Forwarded-Proto $scheme;        
+    }    
+
+ }
+
+server {
+    listen 80;
+    listen [::]:80;
+    listen 443 http2;
+    listen [::]:443 http2;
+
+    server_name ${PROD_DOMAIN};
+    client_max_body_size 100M;
+
+#    location /.well-known/acme-challenge/ {
+#        root /var/www/certbot;
+#    }
+
+    proxy_read_timeout 300;
+    proxy_connect_timeout 300;
+    proxy_send_timeout 300;
+
+    ssl_certificate /etc/nginx/ssl/live/${PROD_DOMAIN}/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/live/${PROD_DOMAIN}/privkey.pem;
+
+    location / {
+     return 301 https://${CHAT_DOMAIN}$request_uri;
+    }
+}

deployment/nginx/nginx.conf.template.letencrypt

@@ -0,0 +1,14 @@
+server {
+    listen 80;
+    server_name faithbridge.multilingualai.com www.faithbridge.multilingualai.com;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+        try_files $uri $uri/ =404;
+        allow all;
+    }
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}

recipes/README.md

@@ -1,4 +1,4 @@
-# Recipes for Assistant.Bible
+# Recipes for  faithbridge.multilingualai
 
 This directory contains various combinations of tech-stacks that can be used in this app and how to use them. It also provides sample data for running the given examples.