fix: add https certs

2025-04-08 18:35:06 +02:00 · 2023-02-17 16:33:01 +01:00 · 2023-02-17 16:33:01 +01:00 · c379a2de25
commit c379a2de25
parent df06e0e0b7
5 changed files with 127 additions and 18 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -7,6 +7,7 @@ services:
    volumes:
      - ./dist:/var/www/html
      - ./nginx/conf.d/:/etc/nginx/conf.d/
+      - ./nginx/ssl/:/etc/nginx/ssl/
    networks:
      - ticket_net
  php:
--- a/nginx/conf.d/ticket.conf
+++ b/nginx/conf.d/ticket.conf
@ -1,21 +1,26 @@
 server {
-    listen 80;
-    server_name app.trucky.tech;
-    index index.php index.html;
-   
-    error_log /var/log/nginx/error.log;
-    access_log /var/log/nginx/access.log;
+   listen 80;
+   listen 443 ssl;
+   server_name app.trucky.tech;
+   index index.php index.html;
+   ssl_certificate     /etc/nginx/ssl/certificate.crt;
+   ssl_certificate_key /etc/nginx/ssl/private.key;

-    ## Public directory
-    root /var/www/html;
+   error_log /var/log/nginx/error.log;
+   access_log /var/log/nginx/access.log;

-    location /api {
-       try_files $uri $uri/ /api/index.php$request_uri;
-    }
-    location / {
-       try_files $uri $uri/ /index.php;
-    }
-    location ~ [^/]\.php(/|$) {
+   ## Public directory
+   root /var/www/html;
+
+   location /api {
+      try_files $uri $uri/ /api/index.php$request_uri;
+   }
+
+   location / {
+      try_files $uri $uri/ /index.php;
+   }
+
+   location ~ [^/]\.php(/|$) {
      fastcgi_split_path_info ^(.+?\.php)(/.*)$;
      set $path_info $fastcgi_path_info;
      fastcgi_param PATH_INFO $path_info;
@ -24,8 +29,8 @@ server {
      fastcgi_pass php:9000;
      fastcgi_index index.php;
      include fastcgi_params;
-    }
+   }

-    ## To set limit upload file
-    client_max_body_size 20M;
+   ## To set limit upload file
+   client_max_body_size 20M;
 }
--- a/nginx/ssl/ca_bundle.crt
+++ b/nginx/ssl/ca_bundle.crt
@ -0,0 +1,39 @@
+-----BEGIN CERTIFICATE-----
+MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
+ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
+aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
+4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
+JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
+t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
+WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
+RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
+gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
+hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
+iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
+x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
+2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
+wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
+FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
+tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
+TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
+CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
+Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
+Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
+ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
+YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
+Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
+qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
+4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
+2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
+kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
+RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
+ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
+S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
+-----END CERTIFICATE-----
--- a/nginx/ssl/certificate.crt
+++ b/nginx/ssl/certificate.crt
@ -0,0 +1,37 @@
+-----BEGIN CERTIFICATE-----
+MIIGbTCCBFWgAwIBAgIQX8ZeKYnZOfENvbR5Wa8ERTANBgkqhkiG9w0BAQwFADBL
+MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
+TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIyMTEyNDAwMDAwMFoXDTIz
+MDIyMjIzNTk1OVowGjEYMBYGA1UEAxMPYXBwLnRydWNreS50ZWNoMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsgDGSPinRzsV39u0argYcsRwRXIQyg1
+VMpYLjheoEB2drGXnyGzS4pdduGjiH5Vz5yz+DkFRUwjaQKagL6yFrKTrdBrM/ug
+xs5wqi9T2d0+FNU5gke7cSRdWXX2JnqOYRb0nnieFB5f5oJh+syMgFEpCuTIeyHh
+UgsN9yrm+nTksVsZS6muYHkRFE6Dq/DH2/hbRic/NQv3q/WSzvuczbqW9DTbJqwc
+SPkdWvGoEp7RGCM3HOjqBtC1Ww/43IhmHstc81PrQpLW8t74CkrveRcNnjVP3PVD
+Ojn3nYTn9er6t+CvTavvpC+MywmdEH4iykzhhuczdLfny1NzCTgXlQIDAQABo4IC
+fDCCAngwHwYDVR0jBBgwFoAUyNl4aKLZGWjVPXLeXwo+3LWGhqYwHQYDVR0OBBYE
+FIWdMHmjjWnnaIN5bR+uqE7Hjm4nMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQG
+CysGAQQBsjEBAgJOMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20v
+Q1BTMAgGBmeBDAECATCBiAYIKwYBBQUHAQEEfDB6MEsGCCsGAQUFBzAChj9odHRw
+Oi8vemVyb3NzbC5jcnQuc2VjdGlnby5jb20vWmVyb1NTTFJTQURvbWFpblNlY3Vy
+ZVNpdGVDQS5jcnQwKwYIKwYBBQUHMAGGH2h0dHA6Ly96ZXJvc3NsLm9jc3Auc2Vj
+dGlnby5jb20wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCt9776fP8QyIudPZwe
+PhhqtGcpXc+xDCTKhYY069yCigAAAYSqqbdQAAAEAwBHMEUCIQCOyu7hwoUwEfnl
+9NHogigkZ0747Q4KBZOj6docLhphpQIgDU5+okKmBkNSGxLrj5C7Y1BRMJfB6tIL
+xUZ+9zL7hLkAdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYSq
+qbc7AAAEAwBIMEYCIQD1twDu8or9wWz4tNVt8tWE8FbNWur6D7UMS7g/qzv4/AIh
+AJgWvJ3jngERsAYVS66kp9jVr6aImd/m2JZznR8xVM7pMBoGA1UdEQQTMBGCD2Fw
+cC50cnVja3kudGVjaDANBgkqhkiG9w0BAQwFAAOCAgEAfdw9glMUBAaxswt16hbn
+jEnA5KkfvOXp2MenZIcbSClMKr7cfBzHm6Q+FLxxYVaXPiaiV6AkwY1DXbDY01Y4
+gS4QAFe9SL5rhaDOibBGxCHtsdgFYbKUhjocZ1ZPw3ZPb6t09C7/6ph5WRGPNUUh
+f7EiWDqT3ZNMpncbSpOnR9ukdzruWqGaWSQ4EQROUCD3RcU5sXoXGsjbodsWBJeg
+n3qoIwW9/VwkGpwJNugHx8e1jz+B22F0llHQXbnhvQKHcZ0G6huZ6XtnvK+tjfQO
+7R+De49ein/7dt0xelMSJRbqYSLGe1FXhn2Eu5S8gDknkGKYf8RynkbtJggVjaVp
+dKZJCX+6d/xPAzG8Gv9whyh59ehrdCVn8dw/IjqXE3Upd0ig1CEgEiJJ/e+82NZG
+JhUhE/N7NtKMQxAYZjp6KPih2v0weRw3pK7E9yc6PUAaEZJ8/UBrtEVKyJWjV+Ps
+yxDyt6OzGDKdfMY1h0ZvelHaIxzlfY3RbS/yUfCR9NKWrKSS0grTgXkbizh4MFzJ
+236lWK+7pAHGHAwLEs8s+2WlKNh6ToxPDOA8xAAvjigZHrfbaPds9Jj3o4gYhyXy
+a3Izrl8myOFkJVr37W/OzchnKjuIH6vWEDPyMyPAfsPa9NqYQJBabUrS3ougJaP/
+57ph5jESALw9t6KElMH6PXo=
+-----END CERTIFICATE-----
--- a/nginx/ssl/private.key
+++ b/nginx/ssl/private.key
@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEArsgDGSPinRzsV39u0argYcsRwRXIQyg1VMpYLjheoEB2drGX
+nyGzS4pdduGjiH5Vz5yz+DkFRUwjaQKagL6yFrKTrdBrM/ugxs5wqi9T2d0+FNU5
+gke7cSRdWXX2JnqOYRb0nnieFB5f5oJh+syMgFEpCuTIeyHhUgsN9yrm+nTksVsZ
+S6muYHkRFE6Dq/DH2/hbRic/NQv3q/WSzvuczbqW9DTbJqwcSPkdWvGoEp7RGCM3
+HOjqBtC1Ww/43IhmHstc81PrQpLW8t74CkrveRcNnjVP3PVDOjn3nYTn9er6t+Cv
+TavvpC+MywmdEH4iykzhhuczdLfny1NzCTgXlQIDAQABAoIBAQCsQMj05O3448F1
+dkz0bFDZcHYd8ma88Qqmdwky/DEeBIn77oi8t0zp/QKiIDy4T7Ioe4rO7vtn0WLw
+ojU8/zOqtPJgkhClWa+ZX2mgACbGh4ogpAgagrGUDz/E5EHkqFJcE3CgIcXBlDH1
+jrgboa4y5Enrx5Bh8gELh4OK/ghH+nqGk2yzo+HQO1K/7Ior/MjNgT7XN4/qibjF
+eGDekkzBnTBAPGWvrJpo+O6Bht9rRP3m9c+eL+zH0yd2gUUotkOkC9DwTZJ2i0NB
+sS4Hpy/g3b53HrNQSHDj6GQVoD32ZKS4BMFNriGSBqAWKftZRR2TBV/N5Qv6nkDy
+QqoVEUnhAoGBAO2pbTPTsHLYvNP3Uft2pbfaAvJbotFK52YqrVx6btztE+Ubqbpz
+ij5uHri+PcnWYLVf1zY5WJqsdIXY5KVbh/Szl/MB8RKohfxCRyVS8JH9ELkkk5JK
+dsJ6XePldiGaKxBWqx2CaXbPZDJOvgpx63z8Tc3QzFKQeZsj84nASWwJAoGBALxE
+fv7yJ5+wIIUYAtZwJ9n2v+WdV4m35Q07yf4TgPXwujg1Jw+b1mee50jScUj7/QG5
+LYynlujMPIEGDXVaO5rraTwNgl5yDSoJKABXS9AfCbq3/T+lr767zcrinN5oEuY+
+PsF0ILe3QuiiWEIINfYX3WI/W8IFYabdkssqycotAoGBALMPQMCYkMumsnY9U55T
+YT4o2qmBEyX++mMGaoFPmXGIicHHWtSospKg4zKr2t/UTh65K+ulvzUiE9S4emR/
+lupt2WD0qI43PGO4B+R+HdTQRyZHAYxp4BpcmZrXym48uo9fzSK5m/4w+TvSCerS
+s+sCKRiVZSwbwBN8PcQehPMJAoGAeEbWT3BLKjTugbkWTwM2IoUGkd4Uh9JpTiwN
+Xvn84KLbhX9HpiwsLOUS4642W6dJOymf1QVYXv/kA5XnUTrFa7LL92a2DDqW+G0D
+FjyvHZZGs/hJnbjvb04yKlTeXSRmNpw7oYHcSSKWZ2MYOY9fUgprEBJkP68KdP2H
+g66hXj0CgYBYW9Hadi+w9GKR0xPcoQgCqUjqjDd3/tuEFuWogTie3efJuRcHkZeK
+6+uPsoNNl7kglX5nE5FpqOq07ZUfmOJYMsGQ5rfhNELGeCwueRzGcTFTPS5X5Nis
+v0YGrsMfdiTpPhSwEomXV4kdxPFqD1MCo+ojbFUr/cuaJwNAeR932w==
+-----END RSA PRIVATE KEY-----