#29 Add HTTPS support with a self signed certificate
Zusammengeführt
sindre
hat 1 Commits von https nach master vor 5 Jahren zusammengeführt
3 geänderte Dateien mit 67 neuen und 15 gelöschten Zeilen
-
+24 -0src/app/selfsigned.crt
-
+28 -0src/app/selfsigned.key
-
+15 -15src/entrypoint.sh
+ 24
- 0
src/app/selfsigned.crt
Datei anzeigen
| @@ -0,0 +1,24 @@ | |||
| -----BEGIN CERTIFICATE----- | |||
| MIID+TCCAuGgAwIBAgIUZwy6+bL1H2+S+BZc05gtzYv5j9cwDQYJKoZIhvcNAQEL | |||
| BQAwgYsxCzAJBgNVBAYTAk5PMRUwEwYDVQQIDAxUcsODwrhuZGVsYWcxEjAQBgNV | |||
| BAcMCVRyb25kaGVpbTENMAsGA1UECgwETlROVTELMAkGA1UECwwCSUUxETAPBgNV | |||
| BAMMCEJlZWxhbmNlMSIwIAYJKoZIhvcNAQkBFhNzaW5kYXNAc3R1ZC5udG51Lm5v | |||
| MB4XDTIwMDMwOTEwNDgwMloXDTIxMDMwOTEwNDgwMlowgYsxCzAJBgNVBAYTAk5P | |||
| MRUwEwYDVQQIDAxUcsODwrhuZGVsYWcxEjAQBgNVBAcMCVRyb25kaGVpbTENMAsG | |||
| A1UECgwETlROVTELMAkGA1UECwwCSUUxETAPBgNVBAMMCEJlZWxhbmNlMSIwIAYJ | |||
| KoZIhvcNAQkBFhNzaW5kYXNAc3R1ZC5udG51Lm5vMIIBIjANBgkqhkiG9w0BAQEF | |||
| AAOCAQ8AMIIBCgKCAQEAv/UlDmzXKuHpa6DDohUnkpgRYjPpu2Z1TT7J7fJX7LDh | |||
| zP8M7ePC1AwJAkfnVDmjonZIi/4ZMTzEGnMi3dPcgSXsgwaanSyRjpkH8yDGClLj | |||
| rG0NZjwjgJ18h7xJhgGNOQ8KERZV0oua1j91K4jvVX75y1EcmEAWVlOJZXrFdE6J | |||
| g338LB9NXiWAyFM9rZaz9/5PgFeEsGOoSdqz9r6K+PAqADZTTOHtdz32cCMk1sQb | |||
| FDHzlt5w2WzWWnoh81FEj3DULZZ4bWIIE2Ch3pCttXGfCNeOWTnleQJ7nSGa87lJ | |||
| vhQdME+7aBL3qNaqM5aHqIMngvrvsH915D2XpPMIswIDAQABo1MwUTAdBgNVHQ4E | |||
| FgQU0CvVs2LKtFp8Ika+cfX5yRNKab4wHwYDVR0jBBgwFoAU0CvVs2LKtFp8Ika+ | |||
| cfX5yRNKab4wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAFoLW | |||
| qF/d7B0Mw5+In93h5Vc9tpJJSu7sQ1PNcim4rr0+f15zoLhZHxtPnHRouMoUkJA4 | |||
| Z5lBPCZvq5KyyJJTvT3SSeHHezls4dTGd5iazBC9M5Hepe/WDgEfgbmepFBvacil | |||
| L5BnTKHQUs7h4YRQD0GvxKWFZShdTzCI51ySmfLRhw93id6qETqUxk3+9HhWTCjt | |||
| OfMJPIDlSaKeo9WNEdzPvS+4TU9I06sics7SPK+LIS0ghy328ATDerSmVHRrJ6nj | |||
| FHief+u/vPEm+7s5bOHQZ2k2NDnpNb26h4gOZmx4LTXdWEh5lkdXqPJ3VunZaFhr | |||
| BrYAVVcf7krExPFt9A== | |||
| -----END CERTIFICATE----- | |||
+ 28
- 0
src/app/selfsigned.key
Datei anzeigen
| @@ -0,0 +1,28 @@ | |||
| -----BEGIN PRIVATE KEY----- | |||
| MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/9SUObNcq4elr | |||
| oMOiFSeSmBFiM+m7ZnVNPsnt8lfssOHM/wzt48LUDAkCR+dUOaOidkiL/hkxPMQa | |||
| cyLd09yBJeyDBpqdLJGOmQfzIMYKUuOsbQ1mPCOAnXyHvEmGAY05DwoRFlXSi5rW | |||
| P3UriO9VfvnLURyYQBZWU4llesV0TomDffwsH01eJYDIUz2tlrP3/k+AV4SwY6hJ | |||
| 2rP2vor48CoANlNM4e13PfZwIyTWxBsUMfOW3nDZbNZaeiHzUUSPcNQtlnhtYggT | |||
| YKHekK21cZ8I145ZOeV5AnudIZrzuUm+FB0wT7toEveo1qozloeogyeC+u+wf3Xk | |||
| PZek8wizAgMBAAECggEAdxQNA9DS/aAdHA4jrhVvcgnxprjLgtxBYkTUIU7X6lWk | |||
| DXYewCgtQTuiDw8p2t7SusKjqGxdlmS6ximsdG2r+VXcTT+4hE4UkaAvBUzMbbUT | |||
| 1W/lAwnFgFCx4sYT2hR2VfIVbZosbSr7R3MgLXyJ88CMFutfULdY4/54WkJ54PaQ | |||
| IxJfeUNRYeaCqXxwXNzThzD85A/zN7gingm85n/v391YcDNCqLx2GPfTJwdfkLY5 | |||
| reZmBdiak4zW5N3jenZi9rUVBV9rYGQbqiwkNs8Zd7WTfAM3o7zVx7YVs8HVBlmp | |||
| U2xiOy+63gd/Z5kq2jWVRnAdvaDoFhiuSVs/RcGeaQKBgQDnLOV+Nq4cCQGDaACv | |||
| ccjB7Hg9pgmzpLnjna48TXtdWTLQcNvWLR347RQwr+bJB5sO/H2gFEYm5sqeGZjj | |||
| 7wcWF8wwiLVeMsOnTmpy5vVyICTiVwS6mvGcX5Zhb5bRPJhg5M2X/E/sxOQdwwDB | |||
| hrEzWAalDVZ6lxBjLruWPMwaZQKBgQDUkiLGSYApouuhCejenIrZhL3qlChaySjU | |||
| v1bVUdGMayjEPQlA5PVCy3MmO5aol8sJ3NpqpLOAWHu0hj3PheZEHyvqwIBAaIBE | |||
| FDjIgSqN8pzyFQ1CFX3EnzaOpWmi3mKlEyVM1GzhrKhT9/rH1014dVoosVU04jfK | |||
| UD6EjVeZNwKBgChYr5z9khmWgMscZbI5G56s1Ld9uQe/YioVpQklRLigDrxOVi/l | |||
| I+wEBJgSuyauyyMscgh0QWIcuZQqR4LQft4ePSbjVTQhjAAxMWboZEIM1iMiqNKg | |||
| pDZ0gFx1C09tUfLnO/KguJpMKrv/AqzEAz1AybgYwdUXdGa7C0ZHSh/5AoGBAKvg | |||
| qauI/M8tw7aHq7pr+z1cPq+xMlwN8SzstYpwyK3wa5sY+yV0u/dRR/8vCWeyrOKB | |||
| qD24hMePRB84uDvXOdP1HG6JTmpF1Qi3DR7aig0SkeKQMRMxC2tzjQqUJzEg/cQa | |||
| Efvoe02SbNzQUv9JUIPI56ilko7bJ183uQU2wBDLAoGBAIb4/nHO0ADCSMacKrgx | |||
| +ICL23zPgtGSZ0gtgSuCNykz90oIVAmSuRf8r13mjNBA8nAre4n0c2L1Twnb19JH | |||
| q9POxSDxH7x8j7coJdx+ZcjKB8hYKIBjiddqeRIvJ7vAaaxIPft1ROxZUe4hKrhM | |||
| ka88v7CzvJHW9xs8wIM7RVM0 | |||
| -----END PRIVATE KEY----- | |||
+ 15
- 15
src/entrypoint.sh
Datei anzeigen
| @@ -27,23 +27,23 @@ content_server=$content_server'}\n' | |||
| # Configuration skeleton for using SSL | |||
| # https://nginx.org/en/docs/http/configuring_https_servers.html | |||
| #content_server=$content_server'server {\n' | |||
| #content_server=$content_server" listen 443 ssl http2;\n" | |||
| #content_server=$content_server' ssl_certificate <certificate .crt file>;\n' | |||
| #content_server=$content_server' ssl_certificate_key <certificate .key file>;\n' | |||
| #content_server=$content_server' ssl_protocols <optional protocols>;\n' | |||
| #content_server=$content_server' ssl_ciphers <optional ciphers>;\n' | |||
| #content_server=$content_server' location / {\n' | |||
| #content_server=$content_server' include uwsgi_params;\n' | |||
| #content_server=$content_server' uwsgi_pass unix:///tmp/uwsgi.sock;\n' | |||
| #content_server=$content_server' }\n' | |||
| #content_server=$content_server" location $USE_STATIC_URL {\n" | |||
| #content_server=$content_server" alias $USE_STATIC_PATH;\n" | |||
| #content_server=$content_server' }\n' | |||
| #content_server=$content_server'}\n' | |||
| content_server=$content_server'server {\n' | |||
| content_server=$content_server" listen 443 ssl http2;\n" | |||
| content_server=$content_server' ssl_certificate /app/selfsigned.crt;\n' | |||
| content_server=$content_server' ssl_certificate_key /app/selfsigned.key;\n' | |||
| content_server=$content_server' ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n' | |||
| content_server=$content_server' ssl_ciphers HIGH:!aNULL:!MD5;\n' | |||
| content_server=$content_server' location / {\n' | |||
| content_server=$content_server' include uwsgi_params;\n' | |||
| content_server=$content_server' uwsgi_pass unix:///tmp/uwsgi.sock;\n' | |||
| content_server=$content_server' }\n' | |||
| content_server=$content_server" location $USE_STATIC_URL {\n" | |||
| content_server=$content_server" alias $USE_STATIC_PATH;\n" | |||
| content_server=$content_server' }\n' | |||
| content_server=$content_server'}\n' | |||
| # Save generated server /etc/nginx/conf.d/nginx.conf | |||
| printf "$content_server" > /etc/nginx/conf.d/nginx.conf | |||
| exec "$@" | |||
| exec "$@" | |||