ensl/ensl.org
0
0
Fork 0
mirror of https://github.com/ENSL/ensl.org.git synced 2024-12-26 12:30:48 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix SSL for staging nginx

Browse source
This commit is contained in:
Ari Timonen 2020-04-09 03:36:19 +03:00
parent c1797204b5
commit 7fcfe27084
3 changed files with 13 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.env.staging
View file

@ -13,4 +13,4 @@ STAGING_DOMAIN=www.ensl.org
STAGING_PORT=5001 STAGING_PORT=5001
STAGING_PORT_SSL=5000 STAGING_PORT_SSL=5000
MYSQL_DATABASE=ensl_staging MYSQL_DATABASE=ensl_staging

5
docker-compose.yml
View file

@ -155,8 +155,7 @@ services:
stdin_open: true stdin_open: true
command: /bin/bash -c "envsubst '$$PUMA_PORT $$APP_PATH $$APP_PATH_PUBLIC $$STAGING_ROOT_DOMAIN $$STAGING_DOMAIN $$STAGING_PORT $$STAGING_PORT_SSL' < /etc/nginx/conf.d/*.conf.template > /etc/nginx/conf.d/default.conf && cat /etc/nginx/conf.d/*.conf && nginx -g 'daemon off;'" command: /bin/bash -c "envsubst '$$PUMA_PORT $$APP_PATH $$APP_PATH_PUBLIC $$STAGING_ROOT_DOMAIN $$STAGING_DOMAIN $$STAGING_PORT $$STAGING_PORT_SSL' < /etc/nginx/conf.d/*.conf.template > /etc/nginx/conf.d/default.conf && cat /etc/nginx/conf.d/*.conf && nginx -g 'daemon off;'"
volumes: volumes:
- ./ext/ssl/fullchain.pem:/etc/ssl/certs/ensl_fullchain.pem - ./ext/ssl:/etc/ssl/ensl
- ./ext/ssl/privkey.pem:/etc/ssl/private/ensl_privkey.pem
- ./ext/nginx.conf.d/:/etc/nginx/conf.d/ - ./ext/nginx.conf.d/:/etc/nginx/conf.d/
- ./public:/var/www/public - ./public:/var/www/public
ports: ports:
@ -185,4 +184,4 @@ services:
# and the container. It's not necessary to be able to run spring # and the container. It's not necessary to be able to run spring
# commands, but it is necessary for "spring status" and "spring stop" # commands, but it is necessary for "spring status" and "spring stop"
# to work properly. # to work properly.
# pid: host # pid: host

21
ext/nginx.conf.d/staging.conf.template
View file

@ -23,16 +23,15 @@ upstream puma {
#} #}
# HTTP -> HTTPS redirect # HTTP -> HTTPS redirect
#server { server {
# listen *:STAGING_PORT; listen *:$STAGING_PORT;
# server_name $STAGING_DOMAIN; # server_name $STAGING_DOMAIN;
# return 301 https://$STAGING_DOMAIN$request_uri; return 301 https://$STAGING_DOMAIN$request_uri;
#} }
server { server {
listen *:$STAGING_PORT default_server; #listen *:$STAGING_PORT default_server;
## SSL disabled for now listen *:$STAGING_PORT_SSL ssl default_server;
# listen *:STAGING_PORT_SSL ssl default_server;
## domain_agnostic staging ## domain_agnostic staging
# server_name $STAGING_DOMAIN; # server_name $STAGING_DOMAIN;
@ -44,8 +43,8 @@ server {
# auth_basic "Staging Area"; # auth_basic "Staging Area";
# auth_basic_user_file "/etc/nginx/conf.d/.htpasswd_staging"; # auth_basic_user_file "/etc/nginx/conf.d/.htpasswd_staging";
# ssl_certificate /etc/ssl/certs/ensl_fullchain.pem; ssl_certificate /etc/ssl/ensl/fullchain.pem;
# ssl_certificate_key /etc/ssl/private/ensl_privkey.pem; ssl_certificate_key /etc/ssl/ensl/privkey.pem;
# ssl-cert /etc/ssl/certs/ssl-cert-snakeoil.pem # ssl-cert /etc/ssl/certs/ssl-cert-snakeoil.pem
# ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key # ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key
@ -90,4 +89,4 @@ server {
} }
try_files $uri/index.html $uri @puma; try_files $uri/index.html $uri @puma;
} }