Skip to content

Commit

Permalink
use of https
Browse files Browse the repository at this point in the history
  • Loading branch information
@Unischneider
Unischneider committed Oct 31, 2024
1 parent e4009fb commit 3717faa
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 3 deletions.
4 changes: 2 additions & 2 deletions docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ services:
image: "ghcr.io/ls1intum/angelos-ui:latest"
container_name: angelos-ui
ports:
- "80:80"
- "443:443"
expose:
- "80"
- "443"
networks:
- angelos-network

Expand Down
27 changes: 26 additions & 1 deletion nginx.conf
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,31 @@
server {
listen 80;
listen [::]:80;
server_name chatbot.ase.cit.tum.de www.chatbot.ase.cit.tum.de;

listen 80;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name chatbot.ase.cit.tum.de www.chatbot.ase.cit.tum.de;

# SSL Certificate files
ssl_certificate /var/lib/rbg-cert/live/host:f:asevm83.cit.tum.de.cert.pem;
ssl_certificate_key /var/lib/rbg-cert/live/host:f:asevm83.cit.tum.de.privkey.pem;

# SSL Settings (recommended for security)
# ssl_dhparam /etc/nginx/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
# ssl_early_data on;
location / {
root /usr/share/nginx/html;
index index.html;
Expand Down

0 comments on commit 3717faa

Please sign in to comment.