🛠️ added nginx and certbot

docker-compose.yml

@@ -6,9 +6,25 @@ services:
         container_name: transito-server
         image: us-west1-docker.pkg.dev/transito-8f50c/transito-server/transito-server:latest
         restart: unless-stopped
-        ports:
-            - "80:8080"
-            - "443:8080"
-            - "8080:8080"
         env_file:
             - .env
+
+    nginx:
+        container_name: nginx
+        image: nginx
+        restart: unless-stopped
+        ports:
+            - 80:80
+            - 443:443
+        volumes:
+            - ./nginx/nginx.conf:/etc/nginx/nginx.conf
+            - ./certbot/conf:/etc/letsencrypt
+            - ./certbot/www:/var/www/certbot
+
+    certbot:
+        container_name: certbot
+        image: certbot/certbot
+        volumes:
+            - ./certbot/conf:/etc/letsencrypt
+            - ./certbot/www:/var/www/certbot
+        command: certonly --webroot -w /var/www/certbot --force-renewal --email transito@tnitish.com -d api.transito.tnitish.com --agree-tos

nginx/nginx.conf

@@ -0,0 +1,39 @@
+events {
+	worker_connections  1024;
+}
+
+http {
+	server_tokens off;
+	charset utf-8;
+
+	# Always redirect to https
+	server {
+		listen 80 default_server;
+
+		server_name _;
+
+		location ~ /.well-known/acme-challenge {
+			root /var/www/certbot;	
+		}
+
+		return 301 https://$host$request_uri;
+	}
+
+	server {
+		listen 443 ssl http2;
+
+		ssl_certificate /etc/letsencrypt/live/api.transito.tnitish.com/fullchain.pem;
+		ssl_certificate_key /etc/letsencrypt/live/api.transito.tnitish.com/privkey.pem;
+		server_name api.transito.tnitish.com;
+		root /var/www/html;
+		index index.php index.html index.htm;
+
+		location / {
+			proxy_pass http://transito-flutter:8080/;
+		}
+
+		location ~ /.well-known/acme-challenge {
+			root /var/www/certbot;	
+		}
+	}
+}