Mentions légales du service

Skip to content
Snippets Groups Projects
Commit ed647f9e authored by Robin Tissot's avatar Robin Tissot
Browse files

More ssl conf attempt.

parent ec004267
No related branches found
No related tags found
No related merge requests found
......@@ -3,11 +3,6 @@ FROM nginx:1.15.0-alpine
RUN rm /etc/nginx/conf.d/default.conf
ARG NGINX_CONF=nginx.conf
ARG ACME_FILE
ARG SSL_CERT
ARG SSL_KEY
COPY ${NGINX_CONF} /etc/nginx/conf.d/nginx.conf
COPY ${SSL_CERT} /etc/certs/cert.pem
COPY ${SSL_KEY} /etc/certs/key.pem
COPY ${ACME_FILE} /usr/share/nginx/html/
COPY ssl_certificates.conf* /etc/nginx/conf.d/
......@@ -15,13 +15,11 @@ server {
charset utf-8;
client_max_body_size 150M;
ssl_certificate /etc/certs/cert.pem;
ssl_certificate_key /etc/certs/key.pem;
include conf.d/ssl_certificates.conf;
# Performance + Privacy improvements
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/certs/cert.pem;
resolver 8.8.8.8 208.67.222.222 valid=300s;
resolver_timeout 5s;
......
ssl_certificate /etc/certs/fullchain.pem;
ssl_certificate_key /etc/certs/privkey.pem;
ssl_trusted_certificate /etc/certs/fullchain.pem;
......@@ -16,14 +16,15 @@ services:
- "80:80"
# - "443:443"
### To enable SSL, generate keys with letsencrypt/certbot
### To enable SSL, generate keys (eg with letsencrypt/certbot)
### copy nginx/ssl_certificates.conf_example and edit it
## if need be to correspond to the volume below
### and uncomment this block and the port 443
# build:
# args:
# - NGINX_CONF=ssl.conf
# - SSL_CERT=/etc/letsencrypt/live/$DOMAIN/fullchain.pem
# - SSL_KEY=/etc/letsencrypt/live/$DOMAIN/privkey.pem
# - ACME_FILE=./<some_hash>
# volumes:
# - /etc/letsencrypt/live/<mydomain>:/etc/certs
flower:
restart: always
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment