Nginx: added OpenSSL for local development (#1527)
* feature(nginx): add OpenSSL
This commit is contained in:
parent
1dac382827
commit
7219b3543a
|
@ -201,6 +201,7 @@ services:
|
||||||
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
|
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
|
||||||
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
|
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
|
||||||
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
|
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
|
||||||
|
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
|
||||||
ports:
|
ports:
|
||||||
- "${NGINX_HOST_HTTP_PORT}:80"
|
- "${NGINX_HOST_HTTP_PORT}:80"
|
||||||
- "${NGINX_HOST_HTTPS_PORT}:443"
|
- "${NGINX_HOST_HTTPS_PORT}:443"
|
||||||
|
|
|
@ -176,6 +176,7 @@ NGINX_HOST_LOG_PATH=./logs/nginx/
|
||||||
NGINX_SITES_PATH=./nginx/sites/
|
NGINX_SITES_PATH=./nginx/sites/
|
||||||
NGINX_PHP_UPSTREAM_CONTAINER=php-fpm
|
NGINX_PHP_UPSTREAM_CONTAINER=php-fpm
|
||||||
NGINX_PHP_UPSTREAM_PORT=9000
|
NGINX_PHP_UPSTREAM_PORT=9000
|
||||||
|
NGINX_SSL_PATH=./nginx/ssl/
|
||||||
|
|
||||||
### APACHE ################################################
|
### APACHE ################################################
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ RUN if [ ${CHANGE_SOURCE} = true ]; then \
|
||||||
|
|
||||||
RUN apk update \
|
RUN apk update \
|
||||||
&& apk upgrade \
|
&& apk upgrade \
|
||||||
|
&& apk add --no-cache openssl \
|
||||||
&& apk add --no-cache bash \
|
&& apk add --no-cache bash \
|
||||||
&& adduser -D -H -u 1000 -s /bin/bash www-data
|
&& adduser -D -H -u 1000 -s /bin/bash www-data
|
||||||
|
|
||||||
|
@ -24,6 +25,7 @@ ARG PHP_UPSTREAM_PORT=9000
|
||||||
RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \
|
RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \
|
||||||
&& rm /etc/nginx/conf.d/default.conf
|
&& rm /etc/nginx/conf.d/default.conf
|
||||||
|
|
||||||
CMD ["nginx"]
|
ADD ./startup.sh /opt/startup.sh
|
||||||
|
CMD ["/bin/bash", "/opt/startup.sh"]
|
||||||
|
|
||||||
EXPOSE 80 443
|
EXPOSE 80 443
|
||||||
|
|
|
@ -3,6 +3,12 @@ server {
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
|
||||||
|
# For https
|
||||||
|
# listen 443 ssl;
|
||||||
|
# listen [::]:443 ssl ipv6only=on;
|
||||||
|
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||||
|
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||||
|
|
||||||
server_name app.test;
|
server_name app.test;
|
||||||
root /var/www/app;
|
root /var/www/app;
|
||||||
index index.php index.html index.htm;
|
index index.php index.html index.htm;
|
||||||
|
|
|
@ -3,6 +3,12 @@ server {
|
||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
listen [::]:80 default_server ipv6only=on;
|
listen [::]:80 default_server ipv6only=on;
|
||||||
|
|
||||||
|
# For https
|
||||||
|
# listen 443 ssl default_server;
|
||||||
|
# listen [::]:443 ssl default_server ipv6only=on;
|
||||||
|
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||||
|
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||||
|
|
||||||
server_name localhost;
|
server_name localhost;
|
||||||
root /var/www/public;
|
root /var/www/public;
|
||||||
index index.php index.html index.htm;
|
index index.php index.html index.htm;
|
||||||
|
|
|
@ -3,6 +3,12 @@ server {
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
|
||||||
|
# For https
|
||||||
|
# listen 443 ssl;
|
||||||
|
# listen [::]:443 ssl ipv6only=on;
|
||||||
|
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||||
|
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||||
|
|
||||||
server_name laravel.test;
|
server_name laravel.test;
|
||||||
root /var/www/laravel/public;
|
root /var/www/laravel/public;
|
||||||
index index.php index.html index.htm;
|
index index.php index.html index.htm;
|
||||||
|
|
|
@ -3,6 +3,12 @@ server {
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
|
||||||
|
# For https
|
||||||
|
# listen 443 ssl;
|
||||||
|
# listen [::]:443 ssl ipv6only=on;
|
||||||
|
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||||
|
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||||
|
|
||||||
server_name symfony.test;
|
server_name symfony.test;
|
||||||
root /var/www/projects/symfony/web;
|
root /var/www/projects/symfony/web;
|
||||||
index index.php index.html index.htm;
|
index index.php index.html index.htm;
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [ ! -f /etc/nginx/ssl/default.crt ]; then
|
||||||
|
openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
|
||||||
|
openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
|
||||||
|
openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
|
||||||
|
fi
|
||||||
|
|
||||||
|
nginx
|
Loading…
Reference in New Issue