-
Notifications
You must be signed in to change notification settings - Fork 0
/
local_https.patch
90 lines (85 loc) · 2.25 KB
/
local_https.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
diff --git a/docker-compose.yml b/docker-compose.yml
index e7d87b3..e0e6b24 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -51,28 +51,33 @@ services:
build: ./proxy
container_name: rezeptbuch
restart: always
+ ports:
+ - "80:80"
+ - "443:443"
depends_on:
- ui
+ volumes:
+ - ./selfsigned:/certs:ro
networks:
- rezeptbuch
- - system-proxy_default
+ # - system-proxy_default
volumes:
redisStorage:
- driver: local
- driver_opts:
- o: bind
- type: none
- device: /home/niklas/rezeptbuch/db
+ # driver: local
+ # driver_opts:
+ # o: bind
+ # type: none
+ # device: /home/niklas/rezeptbuch/db
images:
- driver: local
- driver_opts:
- o: bind
- type: none
- device: /home/niklas/rezeptbuch/images
+ # driver: local
+ # driver_opts:
+ # o: bind
+ # type: none
+ # device: /home/niklas/rezeptbuch/images
networks:
rezeptbuch:
driver: bridge
- system-proxy_default:
- external: true
+ # system-proxy_default:
+ # external: true
diff --git a/proxy/nginx.conf b/proxy/nginx.conf
index 25ebbb9..a36f9f9 100644
--- a/proxy/nginx.conf
+++ b/proxy/nginx.conf
@@ -33,20 +33,20 @@ http {
server {
listen 80;
- # return 301 https://$host$request_uri;
- # }
-
- # server {
- # listen 443 ssl http2;
-
- # ssl_certificate /certs/niklaspc.de.crt;
- # ssl_certificate_key /certs/niklaspc.de.key;
- # ssl_early_data on;
- # ssl_prefer_server_ciphers off;
- # ssl_session_timeout 1d;
- # ssl_session_cache shared:SSL:50m;
- # ssl_session_tickets off;
- # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ return 301 https://$host$request_uri;
+ }
+
+ server {
+ listen 443 ssl http2;
+
+ ssl_certificate /certs/niklaspc.de.crt;
+ ssl_certificate_key /certs/niklaspc.de.key;
+ ssl_early_data on;
+ ssl_prefer_server_ciphers off;
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:SSL:50m;
+ ssl_session_tickets off;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
root /var/www/html;