In this post I will show you how to install Awesome TTRSS with NGINX and Let’s Encrypt.
Install Docker:
apt install docker-compose
Download docker-compose.yml
Edit docker-compose.yml:
nano docker-compose.yml
Change the ‘SELF_URL_PATH’, ‘DB_PASS’ and ‘POSTGRES_PASSWORD’.
version: "3"
services:
service.rss:
image: wangqiru/ttrss:latest
container_name: ttrss
ports:
- 181:80
environment:
- SELF_URL_PATH=https://ttrss.yourdomain.com # please change to your own domain
- DB_PASS=YourPassword Use the same password defined in `database.postgres`
- PUID=1000
- PGID=1000
volumes:
- feed-icons:/var/www/feed-icons/
networks:
- public_access
- service_only
- database_only
stdin_open: true
tty: true
restart: always
service.mercury: # set Mercury Parser API endpoint to `service.mercury:3000` on TTRSS plugin setting page
image: wangqiru/mercury-parser-api:latest
container_name: mercury
networks:
- public_access
- service_only
restart: always
service.opencc: # set OpenCC API endpoint to `service.opencc:3000` on TTRSS plugin setting page
image: wangqiru/opencc-api-server:latest
container_name: opencc
environment:
- NODE_ENV=production
networks:
- service_only
restart: always
database.postgres:
image: postgres:13-alpine
container_name: postgres
environment:
- POSTGRES_PASSWORD=YourPassword
volumes:
- ~/postgres/data/:/var/lib/postgresql/data # persist postgres data to ~/postgres/data/ on the host
networks:
- database_only
restart: always
# utility.watchtower:
# container_name: watchtower
# image: containrrr/watchtower:latest
# volumes:
# - /var/run/docker.sock:/var/run/docker.sock
# environment:
# - WATCHTOWER_CLEANUP=true
# - WATCHTOWER_POLL_INTERVAL=86400
# restart: always
volumes:
feed-icons:
networks:
public_access: # Provide the access for ttrss UI
service_only: # Provide the communication network between services only
internal: true
database_only: # Provide the communication between ttrss and database only
internal: true
Deploy the docker containers:
docker-compose up -d
Install Certbot:
apt install certbot
Assign your A record to your public IP address and generate a certificate:
Choose: Spin up a temporary webserver (standalone)
certbot certonly -d ttrss.yourdomain.com
Install NGINX:
apt install nginx
Add the NGINX config:
nano /etc/nginx/sites-available/ttrss
Replace ‘yourdomain.com’ with your domain name.
upstream ttrssdev { server 127.0.0.1:181; } server { listen 80; server_name ttrss.yourdomain.com; return 301 https://ttrss.yourdomain.com$request_uri; } server { listen 443 ssl; gzip on; server_name ttrss.yourdomain.com; ssl_certificate /etc/letsencrypt/live/ttrss.yourdomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/ttrss.yourdomain.com/privkey.pem; access_log /var/log/nginx/ttrssdev_access.log combined; error_log /var/log/nginx/ttrssdev_error.log; location / { proxy_redirect off; proxy_pass http://ttrssdev; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; client_max_body_size 100m; client_body_buffer_size 128k; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } }
Enable the link:
ln -s /etc/nginx/sites-available/ttrss /etc/nginx/sites-enabled/
Enable NGINX & (re)start the service.
systemctl enable nginx && systemctl start nginx
Sign in with the following default TTRSS credentials:
Login: admin
Password: password
It’s that simple!