From 24812b66fabb2793c33ae93e079d9eaf1f18ccfe Mon Sep 17 00:00:00 2001 From: Marwolf Date: Sat, 18 Aug 2018 12:33:59 -0400 Subject: [PATCH] Lets Encrypt friendliness --- Website_Certbot.sh => Lets_Encrypt.sh | 2 +- docker-compose.yml | 11 +++++------ etc/logs/{ => nginx}/.gitkeep | 0 etc/logs/php/.gitkeep | 0 etc/nginx/HTTPS_default.conf.BAK | 19 ++++++++++++------- etc/nginx/nginx.conf | 12 +++++++++++- 6 files changed, 29 insertions(+), 15 deletions(-) rename Website_Certbot.sh => Lets_Encrypt.sh (83%) rename etc/logs/{ => nginx}/.gitkeep (100%) create mode 100644 etc/logs/php/.gitkeep diff --git a/Website_Certbot.sh b/Lets_Encrypt.sh similarity index 83% rename from Website_Certbot.sh rename to Lets_Encrypt.sh index d5ce090..47f225d 100755 --- a/Website_Certbot.sh +++ b/Lets_Encrypt.sh @@ -6,4 +6,4 @@ sudo docker run -it --rm --name certbot \ deliverous/certbot \ certonly \ --webroot --webroot-path=/data/letsencrypt \ - -d openrsc.com -d www.openrsc.com --staging + -d localhost -d www.localhost --staging diff --git a/docker-compose.yml b/docker-compose.yml index 9d49563..f0cb311 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,17 +8,15 @@ services: - "./etc/nginx:/opt/bitnami/nginx/conf/vhosts" - "./Website:/opt/bitnami/nginx/html" - "./etc/logs/nginx:/opt/bitnami/nginx/logs" - #- "./etc/logs/letsencrypt:/var/log/letsencrypt" - #- "./etc/letsencrypt/certs:/etc/letsencrypt" - #- "./etc/letsencrypt/data:/data/letsencrypt" + - "./etc/letsencrypt/certs:/opt/bitnami/nginx/conf/bitnami/certs" + - "./etc/nginx/fastcgi.conf:/bitnami/nginx/conf/fastcgi.conf" ports: - "80:8080" - "443:443" environment: - NGINX_HOST=${NGINX_HOST} - #- VIRTUAL_HOST=localhost - #- LETSENCRYPT_HOST=localhost - #- LETSENCRYPT_EMAIL=your.email@here.com + - LETSENCRYPT_HOST=localhost + - LETSENCRYPT_EMAIL=your.email@here.com restart: always myadmin: @@ -117,6 +115,7 @@ services: volumes: - "./etc/php/php.ini:/opt/bitnami/php/etc/conf.d/php.ini" - "./Website:/app" + - "./etc/logs/php:/opt/bitnami/php/log" depends_on: - nginx diff --git a/etc/logs/.gitkeep b/etc/logs/nginx/.gitkeep similarity index 100% rename from etc/logs/.gitkeep rename to etc/logs/nginx/.gitkeep diff --git a/etc/logs/php/.gitkeep b/etc/logs/php/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/etc/nginx/HTTPS_default.conf.BAK b/etc/nginx/HTTPS_default.conf.BAK index 88bda15..88f0bf3 100755 --- a/etc/nginx/HTTPS_default.conf.BAK +++ b/etc/nginx/HTTPS_default.conf.BAK @@ -47,16 +47,20 @@ server { client_max_body_size 100M; location / { - try_files $uri $uri/ =404; + try_files $uri $uri/index.php; } ####### Proxies ####### # PHP proxy location ~ \.php$ { - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://php; + fastcgi_pass php:9001; + fastcgi_index index.php; + include fastcgi.conf; + root /app; + } + + location ~ \.htm$ { + root /opt/bitnami/nginx/html; } # Ghost proxy @@ -78,8 +82,9 @@ server { } # Certbot for HTTPS cert renewal - location ~ ^/.well-known { - root /data/letsencrypt/; + location ~ /.well-known { + root /opt/bitnami/nginx/html; + allow all; } } diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf index 594303f..d15c157 100755 --- a/etc/nginx/nginx.conf +++ b/etc/nginx/nginx.conf @@ -21,7 +21,7 @@ server { client_max_body_size 100M; location / { - try_files $uri $uri/ =404; + try_files $uri $uri/index.php; } ####### Proxies ####### @@ -30,6 +30,11 @@ server { fastcgi_pass php:9001; fastcgi_index index.php; include fastcgi.conf; + root /app; + } + + location ~ \.htm$ { + root /opt/bitnami/nginx/html; } # Ghost proxy @@ -50,4 +55,9 @@ server { proxy_pass http://tomcat; } + location ~ /.well-known { + root /opt/bitnami/nginx/html; + allow all; + } + }