Commit e7bff5f2 authored by peter_rabbit's avatar peter_rabbit

ssl try again

parent af9c7f35
...@@ -4,7 +4,6 @@ FROM nginx ...@@ -4,7 +4,6 @@ FROM nginx
RUN rm -rf /usr/share/nginx/html/* RUN rm -rf /usr/share/nginx/html/*
RUN apt-get update \ RUN apt-get update \
&& apt upgrade -y \
&& apt-get install nodejs npm -y && apt-get install nodejs npm -y
WORKDIR /usr/share/nginx/html WORKDIR /usr/share/nginx/html
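Review bot: With `apt upgrade -y` dropped from this RUN step, the image's patch level depends entirely on the `FROM nginx` base shown in the hunk header, which carries no tag or digest. Pinning it, for example `FROM nginx:<tag>@sha256:<digest>` (placeholder values), and rebuilding on a schedule would keep builds reproducible while still picking up fixes. The remaining install line also puts nodejs and npm into the serving image. If they are only needed to build the site (the rest of the Dockerfile is outside the hunk), a separate build stage would keep them out of the runtime container, and `--no-install-recommends` would trim the package set.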
......
...@@ -10,10 +10,10 @@ services: ...@@ -10,10 +10,10 @@ services:
- ./public:/usr/share/nginx/html - ./public:/usr/share/nginx/html
- ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot - ./data/certbot/www:/var/www/certbot
command: /bin/sh -c while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \daemon off;\”‘” command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot: certbot:
image: certbot/certbot image: certbot/certbot
volumes: volumes:
- ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot - ./data/certbot/www:/var/www/certbot
entrypoint: /bin/sh -c trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;' entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
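Review bot: The bind mounts at the top of this hunk are read-write, and `./data/certbot/conf:/etc/letsencrypt` holds the private key, which the service running `nginx -g "daemon off;"` only needs to read. Adding `:ro` to that service's mounts, e.g. `- ./data/certbot/conf:/etc/letsencrypt:ro`, would stop a compromised web process from altering keys or renewal configuration, while the certbot service keeps write access. `image: certbot/certbot` is also untagged, so each pull may bring a different version. The service definitions start outside the hunk, so which service owns the first three mounts is inferred from the `command:` line.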
...@@ -43,11 +43,19 @@ http { ...@@ -43,11 +43,19 @@ http {
server { server {
listen 443 ssl; listen 443 ssl;
root /usr/share/nginx/html;
server_name kuadrado-software.fr www.kuadrado-software.fr; server_name kuadrado-software.fr www.kuadrado-software.fr;
index index.html index.htm; index index.html index.htm;
ssl_certificate /etc/letsencrypt/live/kuadrado-software.fr/fullchain.pem; ssl_certificate /etc/letsencrypt/live/kuadrado-software.fr/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/kuadrado-software.fr/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/kuadrado-software.fr/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
# https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / { location / {
proxy_pass http://kuadrado-software.fr; proxy_pass http://kuadrado-software.fr;
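Review bot: `ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;` still points at a file that certbot normally installs alongside `options-ssl-nginx.conf`. If the `include` was inlined because that file was missing from the volume, the dhparam file may be missing too, and nginx would then fail to start. The inlined directives are also a snapshot that will no longer follow certbot's updates, so the comment should record the date or commit copied from rather than linking `master`, e.g. `# copied from certbot options-ssl-nginx.conf at <commit>, review periodically`. Separately, `proxy_pass http://kuadrado-software.fr;` forwards over plain HTTP to the same hostname this block serves; it looks like this could resolve back to this host, which is worth confirming against the port-80 server. The `server` block continues outside the hunk.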
......