Nginx: added OpenSSL for local development (#1527)
* feature(nginx): add OpenSSL
This commit is contained in:
parent
1dac382827
commit
7219b3543a
|
@ -201,6 +201,7 @@ services:
|
|||
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
|
||||
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
|
||||
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
|
||||
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
|
||||
ports:
|
||||
- "${NGINX_HOST_HTTP_PORT}:80"
|
||||
- "${NGINX_HOST_HTTPS_PORT}:443"
|
||||
|
|
|
@ -176,6 +176,7 @@ NGINX_HOST_LOG_PATH=./logs/nginx/
|
|||
NGINX_SITES_PATH=./nginx/sites/
|
||||
NGINX_PHP_UPSTREAM_CONTAINER=php-fpm
|
||||
NGINX_PHP_UPSTREAM_PORT=9000
|
||||
NGINX_SSL_PATH=./nginx/ssl/
|
||||
|
||||
### APACHE ################################################
|
||||
|
||||
|
|
|
@ -14,6 +14,7 @@ RUN if [ ${CHANGE_SOURCE} = true ]; then \
|
|||
|
||||
RUN apk update \
|
||||
&& apk upgrade \
|
||||
&& apk add --no-cache openssl \
|
||||
&& apk add --no-cache bash \
|
||||
&& adduser -D -H -u 1000 -s /bin/bash www-data
|
||||
|
||||
|
@ -24,6 +25,7 @@ ARG PHP_UPSTREAM_PORT=9000
|
|||
RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \
|
||||
&& rm /etc/nginx/conf.d/default.conf
|
||||
|
||||
CMD ["nginx"]
|
||||
ADD ./startup.sh /opt/startup.sh
|
||||
CMD ["/bin/bash", "/opt/startup.sh"]
|
||||
|
||||
EXPOSE 80 443
|
||||
|
|
|
@ -3,6 +3,12 @@ server {
|
|||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name app.test;
|
||||
root /var/www/app;
|
||||
index index.php index.html index.htm;
|
||||
|
|
|
@ -3,6 +3,12 @@ server {
|
|||
listen 80 default_server;
|
||||
listen [::]:80 default_server ipv6only=on;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name localhost;
|
||||
root /var/www/public;
|
||||
index index.php index.html index.htm;
|
||||
|
|
|
@ -3,6 +3,12 @@ server {
|
|||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name laravel.test;
|
||||
root /var/www/laravel/public;
|
||||
index index.php index.html index.htm;
|
||||
|
|
|
@ -3,6 +3,12 @@ server {
|
|||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name symfony.test;
|
||||
root /var/www/projects/symfony/web;
|
||||
index index.php index.html index.htm;
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ ! -f /etc/nginx/ssl/default.crt ]; then
|
||||
openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
|
||||
openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
|
||||
openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
|
||||
fi
|
||||
|
||||
nginx
|
Loading…
Reference in New Issue