Lets Encrypt friendliness

2018-08-18 12:33:59 -04:00
parent e0e350991e
commit 24812b66fa
6 changed files with 29 additions and 15 deletions
--- a/Website_Certbot.sh
+++ b/Website_Certbot.sh
@@ -6,4 +6,4 @@ sudo docker run -it --rm --name certbot \
        deliverous/certbot \
        certonly \
        --webroot --webroot-path=/data/letsencrypt \
-        -d openrsc.com -d www.openrsc.com --staging
+        -d localhost -d www.localhost --staging
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,17 +8,15 @@ services:
            - "./etc/nginx:/opt/bitnami/nginx/conf/vhosts"
            - "./Website:/opt/bitnami/nginx/html"
            - "./etc/logs/nginx:/opt/bitnami/nginx/logs"
-            #- "./etc/logs/letsencrypt:/var/log/letsencrypt"
-            #- "./etc/letsencrypt/certs:/etc/letsencrypt"
-            #- "./etc/letsencrypt/data:/data/letsencrypt"
+            - "./etc/letsencrypt/certs:/opt/bitnami/nginx/conf/bitnami/certs"
+            - "./etc/nginx/fastcgi.conf:/bitnami/nginx/conf/fastcgi.conf"
        ports:
            - "80:8080"
            - "443:443"
        environment:
            - NGINX_HOST=${NGINX_HOST}
-            #- VIRTUAL_HOST=localhost
-            #- LETSENCRYPT_HOST=localhost
-            #- LETSENCRYPT_EMAIL=your.email@here.com
+            - LETSENCRYPT_HOST=localhost
+            - LETSENCRYPT_EMAIL=your.email@here.com
        restart: always

    myadmin:
@@ -117,6 +115,7 @@ services:
        volumes:
            - "./etc/php/php.ini:/opt/bitnami/php/etc/conf.d/php.ini"
            - "./Website:/app"
+            - "./etc/logs/php:/opt/bitnami/php/log"
        depends_on:
          - nginx

--- a/etc/logs/nginx/.gitkeep
+++ b/etc/logs/nginx/.gitkeep
--- a/etc/logs/php/.gitkeep
+++ b/etc/logs/php/.gitkeep
--- a/etc/nginx/HTTPS_default.conf.BAK
+++ b/etc/nginx/HTTPS_default.conf.BAK
@@ -47,16 +47,20 @@ server {
    client_max_body_size                    100M;

    location / {
-        try_files $uri $uri/ =404;
+        try_files $uri $uri/index.php;
    }

    ####### Proxies #######
    # PHP proxy
    location ~ \.php$ {
-        proxy_set_header X-Forwarded-Host $host;
-        proxy_set_header X-Forwarded-Server $host;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_pass                          http://php;
+        fastcgi_pass php:9001;
+        fastcgi_index index.php;
+        include fastcgi.conf;
+        root /app;
+    }
+
+    location ~ \.htm$ {
+        root   /opt/bitnami/nginx/html;
    }

    # Ghost proxy
@@ -78,8 +82,9 @@ server {
    }

    # Certbot for HTTPS cert renewal
-    location ~ ^/.well-known {
-        root /data/letsencrypt/;
+    location ~ /.well-known {
+            root   /opt/bitnami/nginx/html;
+            allow all;
    }

 }
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -21,7 +21,7 @@ server {
    client_max_body_size                    100M;

    location / {
-        try_files $uri $uri/ =404;
+        try_files $uri $uri/index.php;
    }

    ####### Proxies #######
@@ -30,6 +30,11 @@ server {
        fastcgi_pass php:9001;
        fastcgi_index index.php;
        include fastcgi.conf;
+        root /app;
+    }
+
+    location ~ \.htm$ {
+        root   /opt/bitnami/nginx/html;
    }

    # Ghost proxy
@@ -50,4 +55,9 @@ server {
        proxy_pass                          http://tomcat;
    }

+    location ~ /.well-known {
+            root   /opt/bitnami/nginx/html;
+            allow all;
+    }
+
 }