Made program generate SSL
This commit is contained in:
19
Dockerfile
19
Dockerfile
@@ -1,21 +1,13 @@
|
|||||||
FROM node:18-alpine as build
|
FROM node:18-alpine AS build
|
||||||
WORKDIR /build
|
WORKDIR /build
|
||||||
ADD . .
|
ADD . .
|
||||||
RUN [ "npm", "ci" ]
|
RUN [ "npm", "ci" ]
|
||||||
COPY <<EOF src/environments/environment.ts
|
|
||||||
export const environment = {
|
|
||||||
apiEndpoint: `http://localhost/api`,
|
|
||||||
version: "v1.0.0",
|
|
||||||
vapid: {
|
|
||||||
pubkey: `${VAPID}`
|
|
||||||
},
|
|
||||||
production: true
|
|
||||||
};
|
|
||||||
EOF
|
|
||||||
RUN [ "npm", "run", "build" ]
|
RUN [ "npm", "run", "build" ]
|
||||||
|
|
||||||
FROM httpd:alpine as runtime
|
FROM httpd:alpine AS runtime
|
||||||
|
RUN apk add --no-cache certbot certbot-apache
|
||||||
COPY httpd.conf /usr/local/apache2/conf/httpd.conf
|
COPY httpd.conf /usr/local/apache2/conf/httpd.conf
|
||||||
|
COPY cli.ini /etc/letsencrypt/cli.ini
|
||||||
COPY --from=build /build/dist /usr/local/apache2/htdocs/
|
COPY --from=build /build/dist /usr/local/apache2/htdocs/
|
||||||
COPY <<EOF /usr/local/apache2/htdocs/ipwa/.htaccess
|
COPY <<EOF /usr/local/apache2/htdocs/ipwa/.htaccess
|
||||||
RewriteEngine on
|
RewriteEngine on
|
||||||
@@ -25,4 +17,7 @@ RewriteRule ^ - [L]
|
|||||||
RewriteRule ^ /ipwa/index.html
|
RewriteRule ^ /ipwa/index.html
|
||||||
EOF
|
EOF
|
||||||
RUN chmod +rx /usr/local/apache2/htdocs/ipwa/.htaccess
|
RUN chmod +rx /usr/local/apache2/htdocs/ipwa/.htaccess
|
||||||
|
COPY entrypoint.sh entrypoint.sh
|
||||||
EXPOSE 80
|
EXPOSE 80
|
||||||
|
EXPOSE 443
|
||||||
|
CMD ["sh", "entrypoint.sh"]
|
||||||
14
README.md
14
README.md
@@ -5,18 +5,4 @@ This project depends on the [Backend server](https://github.com/Slasherss1/ipwa-
|
|||||||
|
|
||||||
## Things to change
|
## Things to change
|
||||||
Change following files:
|
Change following files:
|
||||||
- `Dockerfile`:
|
|
||||||
| Line | What to change | Note |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| 7 | ``apiEndpoint: `http://localhost/api`,`` | Change url to backend endpoint |
|
|
||||||
|
|
||||||
- `httpd.conf`:
|
|
||||||
| Line | What to change | Note |
|
|
||||||
| --- | --- | --- |
|
|
||||||
| 233 | `ServerAdmin you@example.com` | Change to webmaster's email |
|
|
||||||
| 242 | `ServerName www.example.com` | Change to final domain name |
|
|
||||||
| 312 | `ServerName www.example.com` | See above |
|
|
||||||
| 314 | `SSLCertificateFile /cert/live/<domain>/cert.pem` | Change `<domain>` to the domain name above |
|
|
||||||
| 315 | `SSLCertificateKeyFile /cert/live/<domain>/privkey.pem` | Change `<domain>` to the domain name above |
|
|
||||||
| 316 | `SSLCertificateChainFile /cert/live/<domain>/chain.pem` | Change `<domain>` to the domain name above |
|
|
||||||
- (Optional) `src/assets/icons/*` - You can change the icons to your own
|
- (Optional) `src/assets/icons/*` - You can change the icons to your own
|
||||||
3
cli.ini
Normal file
3
cli.ini
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
agree-tos = true
|
||||||
|
apache-challenge-location = /usr/local/apache2
|
||||||
|
apache-server-root = /usr/local/apache2
|
||||||
@@ -2,4 +2,10 @@ services:
|
|||||||
front:
|
front:
|
||||||
build: .
|
build: .
|
||||||
ports:
|
ports:
|
||||||
- 8080:80
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
environment:
|
||||||
|
- DOMAIN=
|
||||||
|
- EMAIL=
|
||||||
|
volumes:
|
||||||
|
- cert:/etc/letsencrypt
|
||||||
15
entrypoint.sh
Normal file
15
entrypoint.sh
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
cat >> /usr/local/apache2/conf/httpd.conf <<EOF
|
||||||
|
ServerName $DOMAIN
|
||||||
|
ServerAdmin $EMAIL
|
||||||
|
<VirtualHost *:80>
|
||||||
|
ServerName $DOMAIN
|
||||||
|
</VirtualHost>
|
||||||
|
EOF
|
||||||
|
|
||||||
|
http -k start
|
||||||
|
certbot --apache -n --keep -d $DOMAIN -m $EMAIL
|
||||||
|
httpd -k stop
|
||||||
|
|
||||||
|
|
||||||
|
httpd-foreground
|
||||||
30
httpd.conf
30
httpd.conf
@@ -92,7 +92,7 @@ LoadModule auth_basic_module modules/mod_auth_basic.so
|
|||||||
#LoadModule cache_module modules/mod_cache.so
|
#LoadModule cache_module modules/mod_cache.so
|
||||||
#LoadModule cache_disk_module modules/mod_cache_disk.so
|
#LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||||
#LoadModule cache_socache_module modules/mod_cache_socache.so
|
#LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||||
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||||||
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||||||
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||||||
#LoadModule socache_redis_module modules/mod_socache_redis.so
|
#LoadModule socache_redis_module modules/mod_socache_redis.so
|
||||||
@@ -225,22 +225,6 @@ Group www-data
|
|||||||
# virtual host being defined.
|
# virtual host being defined.
|
||||||
#
|
#
|
||||||
|
|
||||||
#
|
|
||||||
# ServerAdmin: Your address, where problems with the server should be
|
|
||||||
# e-mailed. This address appears on some server-generated pages, such
|
|
||||||
# as error documents. e.g. admin@your-domain.com
|
|
||||||
#
|
|
||||||
ServerAdmin you@example.com
|
|
||||||
|
|
||||||
#
|
|
||||||
# ServerName gives the name and port that the server uses to identify itself.
|
|
||||||
# This can often be determined automatically, but we recommend you specify
|
|
||||||
# it explicitly to prevent problems during startup.
|
|
||||||
#
|
|
||||||
# If your host doesn't have a registered DNS name, enter its IP address here.
|
|
||||||
#
|
|
||||||
ServerName www.example.com
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Deny access to the entirety of your server's filesystem. You must
|
# Deny access to the entirety of your server's filesystem. You must
|
||||||
# explicitly permit access to web content directories in other
|
# explicitly permit access to web content directories in other
|
||||||
@@ -308,14 +292,6 @@ RedirectMatch ^/$ /ipwa
|
|||||||
Alias "/var/www/certbot/.well-known/acme-challenge/"
|
Alias "/var/www/certbot/.well-known/acme-challenge/"
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
<VirtualHost *:443>
|
|
||||||
ServerName www.example.com
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile /cert/live/<domain>/cert.pem
|
|
||||||
SSLCertificateKeyFile /cert/live/<domain>/privkey.pem
|
|
||||||
SSLCertificateChainFile /cert/live/<domain>/chain.pem
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# DirectoryIndex: sets the file that Apache will serve if a directory
|
# DirectoryIndex: sets the file that Apache will serve if a directory
|
||||||
# is requested.
|
# is requested.
|
||||||
@@ -569,6 +545,10 @@ Include conf/extra/proxy-html.conf
|
|||||||
# starting without SSL on platforms with no /dev/random equivalent
|
# starting without SSL on platforms with no /dev/random equivalent
|
||||||
# but a statically compiled-in mod_ssl.
|
# but a statically compiled-in mod_ssl.
|
||||||
#
|
#
|
||||||
|
|
||||||
|
SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_cache(512000)"
|
||||||
|
SSLSessionCacheTimeout 300
|
||||||
|
|
||||||
<IfModule ssl_module>
|
<IfModule ssl_module>
|
||||||
SSLRandomSeed startup builtin
|
SSLRandomSeed startup builtin
|
||||||
SSLRandomSeed connect builtin
|
SSLRandomSeed connect builtin
|
||||||
|
|||||||
@@ -1,8 +1,6 @@
|
|||||||
export const environment = {
|
export const environment = {
|
||||||
apiEndpoint: `https://${process.env['ORIGIN']}/api`,
|
apiEndpoint: `${window.location.origin}/api`,
|
||||||
version: "v1.0.0",
|
version: "v1.0.0",
|
||||||
vapid: {
|
vapid: { pubkey: "" },
|
||||||
pubkey: `${process.env['VAPID']}`
|
|
||||||
},
|
|
||||||
production: true
|
production: true
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user