Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
scripta
eScriptorium
Commits
ed647f9e
Commit
ed647f9e
authored
Aug 03, 2020
by
Robin Tissot
Browse files
More ssl conf attempt.
parent
ec004267
Changes
4
Hide whitespace changes
Inline
Side-by-side
nginx/Dockerfile
View file @
ed647f9e
...
...
@@ -3,11 +3,6 @@ FROM nginx:1.15.0-alpine
RUN
rm
/etc/nginx/conf.d/default.conf
ARG
NGINX_CONF=nginx.conf
ARG
ACME_FILE
ARG
SSL_CERT
ARG
SSL_KEY
COPY
${NGINX_CONF} /etc/nginx/conf.d/nginx.conf
COPY
${SSL_CERT} /etc/certs/cert.pem
COPY
${SSL_KEY} /etc/certs/key.pem
COPY
${ACME_FILE} /usr/share/nginx/html/
COPY
ssl_certificates.conf* /etc/nginx/conf.d/
nginx/ssl.conf
View file @
ed647f9e
...
...
@@ -15,13 +15,11 @@ server {
charset
utf
-
8
;
client_max_body_size
150
M
;
ssl_certificate
/
etc
/
certs
/
cert
.
pem
;
ssl_certificate_key
/
etc
/
certs
/
key
.
pem
;
include
conf
.
d
/
ssl_certificates
.
conf
;
# Performance + Privacy improvements
ssl_stapling
on
;
ssl_stapling_verify
on
;
ssl_trusted_certificate
/
etc
/
certs
/
cert
.
pem
;
resolver
8
.
8
.
8
.
8
208
.
67
.
222
.
222
valid
=
300
s
;
resolver_timeout
5
s
;
...
...
nginx/ssl_certificates.conf_example
0 → 100644
View file @
ed647f9e
ssl_certificate /etc/certs/fullchain.pem;
ssl_certificate_key /etc/certs/privkey.pem;
ssl_trusted_certificate /etc/certs/fullchain.pem;
production.yml_example
View file @
ed647f9e
...
...
@@ -16,14 +16,15 @@ services:
- "80:80"
# - "443:443"
### To enable SSL, generate keys with letsencrypt/certbot
### To enable SSL, generate keys (eg with letsencrypt/certbot)
### copy nginx/ssl_certificates.conf_example and edit it
## if need be to correspond to the volume below
### and uncomment this block and the port 443
# build:
# args:
# - NGINX_CONF=ssl.conf
# - SSL_CERT=/etc/letsencrypt/live/$DOMAIN/fullchain.pem
# - SSL_KEY=/etc/letsencrypt/live/$DOMAIN/privkey.pem
# - ACME_FILE=./<some_hash>
# volumes:
# - /etc/letsencrypt/live/<mydomain>:/etc/certs
flower:
restart: always
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment