From 80d8ffde8cac5572916e420a3a36afad21ef796c Mon Sep 17 00:00:00 2001 From: philtrep Date: Fri, 14 Oct 2016 14:21:40 -0400 Subject: [PATCH] Fixed nginx no SSL simple --- README.md | 2 +- docker-compose.yml | 24 ++++++++++++------------ mysql/Dockerfile | 4 ++-- nginx/scripts/build-nginx.sh | 20 +++++++++++++++----- 4 files changed, 30 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 1355231..8e1935c 100644 --- a/README.md +++ b/README.md @@ -246,7 +246,7 @@ You can specify a `PROJECT_PATH` to change the directory in which `npm` will per args: MYSQL_DATABASE: default_database MYSQL_USER: default_user - mysql_password: secret + MYSQL_PASSWORD: secret ``` #### Change the NGINX reverse proxy port diff --git a/docker-compose.yml b/docker-compose.yml index 6d50199..7c1db70 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,9 +6,9 @@ services: build: context: ./node args: - NODE_VERSION: latest - PROJECT_PATH: /opt/app/ - NODE_ENV: production + - NODE_VERSION=latest + - PROJECT_PATH=/opt/app/ + - NODE_ENV=production volumes: - ../:/opt/app extra_hosts: @@ -20,9 +20,9 @@ services: build: context: ./mysql args: - MYSQL_DATABASE: default_database - MYSQL_USER: default_user - mysql_password: secret + - MYSQL_DATABASE=default_database + - MYSQL_USER=default_user + - MYSQL_PASSWORD=secret volumes_from: - volumes expose: @@ -34,10 +34,10 @@ services: build: context: ./nginx args: - WEB_REVERSE_PROXY_PORT: "8000" - WEB_SSL: "false" - SELF_SIGNED: "false" - NO_DEFAULT: "false" + - WEB_REVERSE_PROXY_PORT=8000 + - WEB_SSL=false + - SELF_SIGNED=false + - NO_DEFAULT=false volumes_from: - volumes ports: @@ -59,8 +59,8 @@ services: build: context: ./workspace args: - NODE_VERSION: latest - TZ: "UTC" + - NODE_VERSION=latest + - TZ=UTC links: - nginx volumes: diff --git a/mysql/Dockerfile b/mysql/Dockerfile index 8eb342e..e2bb819 100644 --- a/mysql/Dockerfile +++ b/mysql/Dockerfile @@ -7,11 +7,11 @@ RUN chown -R mysql:root /var/lib/mysql/ ARG MYSQL_DATABASE ARG MYSQL_USER -ARG mysql_password +ARG MYSQL_PASSWORD ENV MYSQL_DATABASE=$MYSQL_DATABASE ENV MYSQL_USER=$MYSQL_USER -ENV MYSQL_PASSWORD=$mysql_password +ENV MYSQL_PASSWORD=$MYSQL_PASSWORD RUN sed -i 's/MYSQL_DATABASE/'$MYSQL_DATABASE'/g' /etc/mysql/startup && \ sed -i 's/MYSQL_USER/'$MYSQL_USER'/g' /etc/mysql/startup && \ diff --git a/nginx/scripts/build-nginx.sh b/nginx/scripts/build-nginx.sh index 4a8d6b0..64586d2 100644 --- a/nginx/scripts/build-nginx.sh +++ b/nginx/scripts/build-nginx.sh @@ -8,13 +8,20 @@ for template in /etc/nginx/templates/*.template; do envsubst < $template > "/etc/nginx/sites-available/"$(basename $template)".conf" done -if [ $NO_DEFAULT = "true" ]; then +if [[ "$NO_DEFAULT" = true ]]; then rm /etc/nginx/sites-available/node.template.conf rm /etc/nginx/sites-available/node-https.template.conf +else + if [[ "$WEB_SSL" = false ]]; then + rm /etc/nginx/sites-available/node-https.template.conf + fi fi -if [ "$WEB_SSL" = "true" ] && [ "$NO_DEFAULT" = "false"]; then - if [ "$SELF_SIGNED" = "true" ]; then +if [[ "$WEB_SSL" = true && "$NO_DEFAULT" = false ]]; then + if [[ "$SELF_SIGNED" = true ]]; then + echo "---------------------------------------------------------" + echo "NGINX: Generating certificates" + echo "---------------------------------------------------------" openssl req \ -new \ -newkey rsa:4096 \ @@ -22,11 +29,14 @@ if [ "$WEB_SSL" = "true" ] && [ "$NO_DEFAULT" = "false"]; then -nodes \ -x509 \ -subj "/C=FK/ST=Fake/L=Fake/O=Fake/CN=0.0.0.0" \ - -keyout /etc/ssl/privkey.pem \ - -out /etc/ssl/cacert.pem + -keyout /etc/ssl/privkey1.pem \ + -out /etc/ssl/cert1.pem chown www-data:www-data /etc/ssl/cert1.pem chown www-data:www-data /etc/ssl/privkey1.pem else + echo "---------------------------------------------------------" + echo "NGINX: Using certificates in 'nodock/nginx/certs/'" + echo "---------------------------------------------------------" if [ -e /var/certs/cert1.pem ]; then cp /var/certs/cert1.pem /etc/ssl/cert1.pem fi