added add_location.sh

docker-compose.yml

@@ -6,13 +6,12 @@ services:
       - "80:80"
       - "443:443"
     volumes:
-      - ./data/nginx.conf/:/etc/nginx/nginx.conf:ro # Nginx should only read its config
-      - ./data/.htpasswd:/etc/nginx/.htpasswd:ro
-      - ./data/conf.d/:/etc/nginx/conf.d/:ro
-      - ./data/certbot/www:/var/www/certbot/:ro
-      - ./data/certbot/conf:/etc/letsencrypt/:ro
-      - /prod/data/docs/:/var/www/html/docs.nxs.solutions/:ro
-      - ./logs/:/var/log/nginx/:rw
+      - ./config/nginx/:/etc/nginx/:ro # Nginx should only read its config
+      - ./data/auth/:/etc/nginx/auth:ro
+      - ./data/certbot:/var/www/certbot/:ro
+      - ./config/certbot:/etc/letsencrypt/:ro
+      - ./data/www/html/:/var/www/html/:ro
+      - ./logs/nginx/:/var/log/nginx/:rw
     networks:
       - fast-services
     restart: always
@@ -24,9 +23,9 @@ services:
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $!; done;'"
     volumes:
       # Must be read-write for certbot to place challenge files
-      - ./data/certbot/www:/var/www/certbot/:rw
+      - ./data/certbot/:/var/www/certbot/:rw
       # Must be read-write for certbot to store and renew certificates
-      - ./data/certbot/conf:/etc/letsencrypt/:rw
+      - ./config/certbot/:/etc/letsencrypt/:rw
     # Only runs when explicitly called or for renewal cronjob
     restart: unless-stopped
     networks:
@@ -43,11 +42,7 @@ services:
       # Ensure it always restarts
       restart: always
       volumes:
-        # 1. Mount the Nginx logs from the host (Read-Only)
-        - ./logs:/var/log/nginx:ro
-        # 2. Persist Fail2Ban's configuration and database
-        - /var/log/auth.log:/var/log/auth.log:ro
-        - /prod/gitea/logs/access.log:/var/log/gitea/access.log:ro
+        - ./logs/nginx:/var/log/nginx:ro
         - ./data/fail2ban:/data
       environment:
         # Optional: set timezone