In this post I will show you how to install Awesome TTRSS with NGINX and Let’s Encrypt.
Install Docker:
apt install docker-composeDownload docker-compose.yml
Edit docker-compose.yml:
nano docker-compose.yml
Change the ‘SELF_URL_PATH’, ‘DB_PASS’ and ‘POSTGRES_PASSWORD’.
version: "3"
services:
service.rss:
image: wangqiru/ttrss:latest
container_name: ttrss
ports:
- 181:80
environment:
- SELF_URL_PATH=https://ttrss.yourdomain.com # please change to your own domain
- DB_PASS=YourPassword Use the same password defined in `database.postgres`
- PUID=1000
- PGID=1000
volumes:
- feed-icons:/var/www/feed-icons/
networks:
- public_access
- service_only
- database_only
stdin_open: true
tty: true
restart: always
service.mercury: # set Mercury Parser API endpoint to `service.mercury:3000` on TTRSS plugin setting page
image: wangqiru/mercury-parser-api:latest
container_name: mercury
networks:
- public_access
- service_only
restart: always
service.opencc: # set OpenCC API endpoint to `service.opencc:3000` on TTRSS plugin setting page
image: wangqiru/opencc-api-server:latest
container_name: opencc
environment:
- NODE_ENV=production
networks:
- service_only
restart: always
database.postgres:
image: postgres:13-alpine
container_name: postgres
environment:
- POSTGRES_PASSWORD=YourPassword
volumes:
- ~/postgres/data/:/var/lib/postgresql/data # persist postgres data to ~/postgres/data/ on the host
networks:
- database_only
restart: always
# utility.watchtower:
# container_name: watchtower
# image: containrrr/watchtower:latest
# volumes:
# - /var/run/docker.sock:/var/run/docker.sock
# environment:
# - WATCHTOWER_CLEANUP=true
# - WATCHTOWER_POLL_INTERVAL=86400
# restart: always
volumes:
feed-icons:
networks:
public_access: # Provide the access for ttrss UI
service_only: # Provide the communication network between services only
internal: true
database_only: # Provide the communication between ttrss and database only
internal: true
Deploy the docker containers:
docker-compose up -d
Install Certbot:
apt install certbot
Assign your A record to your public IP address and generate a certificate:
Choose: Spin up a temporary webserver (standalone)
certbot certonly -d ttrss.yourdomain.com
Install NGINX:
apt install nginx
Add the NGINX config:
nano /etc/nginx/sites-available/ttrss
Replace ‘yourdomain.com’ with your domain name.
upstream ttrssdev {
server 127.0.0.1:181;
}
server {
listen 80;
server_name ttrss.yourdomain.com;
return 301 https://ttrss.yourdomain.com$request_uri;
}
server {
listen 443 ssl;
gzip on;
server_name ttrss.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/ttrss.yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ttrss.yourdomain.com/privkey.pem;
access_log /var/log/nginx/ttrssdev_access.log combined;
error_log /var/log/nginx/ttrssdev_error.log;
location / {
proxy_redirect off;
proxy_pass http://ttrssdev;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
client_max_body_size 100m;
client_body_buffer_size 128k;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
Enable the link:
ln -s /etc/nginx/sites-available/ttrss /etc/nginx/sites-enabled/
Enable NGINX & (re)start the service.
systemctl enable nginx && systemctl start nginx
Sign in with the following default TTRSS credentials:
Login: admin
Password: password
It’s that simple!