Nginx: added OpenSSL for local development (#1527)

* feature(nginx): add OpenSSL
This commit is contained in:
Vladyslav Shchepotin 2018-11-13 14:44:51 +02:00 committed by Shao Yu-Lung (Allen)
parent 1dac382827
commit 7219b3543a
9 changed files with 38 additions and 1 deletions

View File

@ -201,6 +201,7 @@ services:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
ports:
- "${NGINX_HOST_HTTP_PORT}:80"
- "${NGINX_HOST_HTTPS_PORT}:443"

View File

@ -176,6 +176,7 @@ NGINX_HOST_LOG_PATH=./logs/nginx/
NGINX_SITES_PATH=./nginx/sites/
NGINX_PHP_UPSTREAM_CONTAINER=php-fpm
NGINX_PHP_UPSTREAM_PORT=9000
NGINX_SSL_PATH=./nginx/ssl/
### APACHE ################################################

View File

@ -14,6 +14,7 @@ RUN if [ ${CHANGE_SOURCE} = true ]; then \
RUN apk update \
&& apk upgrade \
&& apk add --no-cache openssl \
&& apk add --no-cache bash \
&& adduser -D -H -u 1000 -s /bin/bash www-data
@ -24,6 +25,7 @@ ARG PHP_UPSTREAM_PORT=9000
RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \
&& rm /etc/nginx/conf.d/default.conf
CMD ["nginx"]
ADD ./startup.sh /opt/startup.sh
CMD ["/bin/bash", "/opt/startup.sh"]
EXPOSE 80 443

View File

@ -3,6 +3,12 @@ server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name app.test;
root /var/www/app;
index index.php index.html index.htm;

View File

@ -3,6 +3,12 @@ server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
# For https
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name localhost;
root /var/www/public;
index index.php index.html index.htm;

View File

@ -3,6 +3,12 @@ server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name laravel.test;
root /var/www/laravel/public;
index index.php index.html index.htm;

View File

@ -3,6 +3,12 @@ server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name symfony.test;
root /var/www/projects/symfony/web;
index index.php index.html index.htm;

0
nginx/ssl/.gitkeep Normal file
View File

9
nginx/startup.sh Normal file
View File

@ -0,0 +1,9 @@
#!/bin/bash
if [ ! -f /etc/nginx/ssl/default.crt ]; then
openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
fi
nginx