improve faq

.env.docker

@@ -952,4 +952,10 @@ DOCKER_WEB_PORT_EXTERNAL_HTTP="8080"
 DOCKER_HOST_SOCKET_PATH="/var/run/docker.sock"
 
 # Prefix for container names (without any dash at the end)
-DOCKER_CONTAINER_NAME_PREFIX="${APP_DOMAIN}-"
+DOCKER_CONTAINER_NAME_PREFIX="${APP_DOMAIN}"
+
+# Set this to a non-empty value (e.g. "disabled") to disable the [proxy] and [proxy-acme] service
+DOCKER_PROXY_PROFILE=""
+
+# Set this to a non-empty value (e.g. "disabled") to disable the [proxy-acme] service
+DOCKER_PROXY_ACME_PROFILE="${DOCKER_PROXY_PROFILE}"

docker-compose.yml

@@ -36,7 +36,7 @@ services:
     container_name: "${DOCKER_CONTAINER_NAME_PREFIX}-proxy-acme"
     restart: unless-stopped
     profiles:
-      - ${DOCKER_PROXY_ACME_PROFILE:-$DOCKER_PROXY_PROFILE}
+      - ${DOCKER_PROXY_ACME_PROFILE}
     environment:
       DEBUG: 0
       DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}"
@@ -57,9 +57,6 @@ services:
     restart: unless-stopped
     build:
       target: apache-runtime
-    deploy:
-      mode: replicated
-      replicas: 1
     volumes:
       - "./.env:/var/www/.env"
       - "${DOCKER_DATA_ROOT}/pixelfed/cache:/var/www/bootstrap/cache"
@@ -74,8 +71,8 @@ services:
       com.github.nginx-proxy.nginx-proxy.keepalive: 30
       com.github.nginx-proxy.nginx-proxy.http2.enable: true
       com.github.nginx-proxy.nginx-proxy.http3.enable: true
-    # ports:
-    #   - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80"
+    ports:
+      - "${DOCKER_WEB_PORT_EXTERNAL_HTTP}:80"
     depends_on:
       - db
       - redis

docker/faq.md

@@ -2,18 +2,25 @@
 
 ## I already have a Proxy, how do I disable the included one?
 
-No problem! All you have to do is
+No problem! All you have to do is:
 
-1. *Comment out*  (or delete) the `proxy` and `proxy-acme` services in `docker-compose.yml`
-1. *Uncomment* the `ports` block for the `web` servince in `docker-compose.yml`
-1. Change the `DOCKER_WEB_PORT_EXTERNAL_HTTP` setting in your `.env` if you want to change the port from the default `8080`
-1. Point your proxy upstream to the exposed `web` port.
+1. Change the `DOCKER_PROXY_PROFILE` key/value pair in your `.env` file to `"disabled"`.
+    * This disables the `proxy` *and* `proxy-acme` services in `docker-compose.yml`.
+    * The setting is near the bottom of the file.
+1. Point your proxy upstream to the exposed `web` port (**Default**: `8080`).
+    * The port is controlled by the `DOCKER_WEB_PORT_EXTERNAL_HTTP` key in `.env`.
+    * The setting is near the bottom of the file.
 
 ## I already have a SSL certificate, how do I use it?
 
-1. *Comment out* (or delete) the `proxy-acme` service in `docker-compose.yml`
-1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs/${APP_DOMAIN}/`. The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses)
-    1. `cert.pem`
-    1. `chain.pem`
-    1. `fullchain.pem`
-    1. `key.pem`
+1. Change the `DOCKER_PROXY_ACME_PROFILE` key/value pair in your `.env` file to `"disabled"`.
+    * This disabled the `proxy-acme` service in `docker-compose.yml`.
+    * It does *not* disable the `proxy` service.
+1. Put your certificates in `${DOCKER_CONFIG_ROOT}/proxy/certs` (e.g. `./docker-compose/config/proxy/certs`)
+    * You may need to create this folder manually if it does not exists.
+    * The following files are expected to exist in the directory for the proxy to detect and use them automatically (this is the same directory and file names as LetsEncrypt uses)
+        1. `${APP_DOMAIN}.cert.pem`
+        1. `${APP_DOMAIN}.chain.pem`
+        1. `${APP_DOMAIN}.fullchain.pem`
+        1. `${APP_DOMAIN}.key.pem`
+    * See the [`nginx-proxy` configuration file for name patterns](https://github.com/nginx-proxy/nginx-proxy/blob/main/nginx.tmpl#L659-L670)