Skip to content

Commit

Permalink
Get SSL working in dev
Browse files Browse the repository at this point in the history 
- proved it'll work on live
  • Loading branch information
@rikkit
rikkit committed Jul 2, 2020
1 parent 4d5b9d8 commit 36e4b2c
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 43 deletions.
5 changes: 3 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,9 @@ Run in WSL 2 (Ubuntu)
## Containers

1. Get DO API key and save to ~/.digitalocean.ini `dns_digitalocean_token = xxxxx`
1. Create SSL cert for local dev `dc run --entrypoint certbot certbot certonly --dns-digitalocean --dns-digitalocean-credentials /root/.digitalocean.ini --agree-tos --email [email protected] --domain dev.rikk.it`
1.
1. Create SSL cert for local dev `dc run --entrypoint certbot certbot certonly --dns-digitalocean --dns-digitalocean-credentials /root/.digitalocean.ini --agree-tos --email [email protected] --domain api-dev.rikk.it dev.rikk.it`
1. Add entries to hosts on Windows `xx.xx.xx.xx dev.rikk.it api-dev.rikk.it` - IP is `host.docker.internal` resolved
1. `dc up -d`

# Licence

Expand Down
62 changes: 21 additions & 41 deletions src/proxy/nginx.dev.conf
View file
Original file line number Diff line number Diff line change
@@ -1,57 +1,37 @@

server {
listen 80;
server_name api-dev.rikk.it;
server_name dev.rikk.it test.rikk.it api-dev.rikk.it;

location / {
proxy_pass http://backend:1337;
return 301 https://$host$request_uri;
}
}

server {
listen 80;
server_name dev.rikk.it;

listen 443 ssl;
server_name test.rikk.it; # TEMP dev.rikk.it got rate limited :(

ssl_certificate /etc/letsencrypt/live/test.rikk.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.rikk.it/privkey.pem;
include /etc/letsencrypt/letsencrypt-recommended-ssl.conf;
ssl_dhparam /etc/letsencrypt/letsencrypt-dhparams.pem;

location / {
proxy_pass http://frontend:3000;
}
}

# TODO SSL

# server {
# listen 80;
# server_name dev.rikk.it api-dev.rikk.it;

# location / {
# return 301 https://$host$request_uri;
# }
# }

# server {
# listen 443 ssl;
# server_name dev.rikk.it;

# ssl_certificate /etc/letsencrypt/live/dev.rikk.it/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/dev.rikk.it/privkey.pem;
# include /etc/letsencrypt/letsencrypt-recommended-ssl.conf;
# ssl_dhparam /etc/letsencrypt/letsencrypt-dhparams.pem;

# location / {
# proxy_pass http://frontend:3000;
# }
# }

# server {
# listen 443 ssl;
# server_name api-dev.rikk.it;
server {
listen 443 ssl;
server_name api-dev.rikk.it;

# ssl_certificate /etc/letsencrypt/live/dev.rikk.it/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/dev.rikk.it/privkey.pem;
# include /etc/letsencrypt/letsencrypt-recommended-ssl.conf;
# ssl_dhparam /etc/letsencrypt/letsencrypt-dhparams.pem;
ssl_certificate /etc/letsencrypt/live/api-dev.rikk.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api-dev.rikk.it/privkey.pem;
include /etc/letsencrypt/letsencrypt-recommended-ssl.conf;
ssl_dhparam /etc/letsencrypt/letsencrypt-dhparams.pem;

# location / {
# proxy_pass http://backend:1337;
# }
# }
location / {
proxy_pass http://backend:1337;
}
}

0 comments on commit 36e4b2c

Please sign in to comment.