Add https #44

Open
kporras07 opened this issue Jun 20, 2019 · 0 comments

kporras07 commented Jun 20, 2019

Ideally: Let's Encrypt
At least: locally signed

diff --git a/.ahoy.yml b/.ahoy.yml
index 3f1ceea..2e2dd73 100644
--- a/.ahoy.yml
+++ b/.ahoy.yml
@@ -59,6 +59,16 @@ commands:
       docker-compose up -d
     usage: Destroy and recreate the containers
 
+
+  prepare-certificates:
+    cmd: |
+      mkdir certs
+      cd certs
+      openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cert.key -out cert.crt
+      chmod 644 cert.crt
+      chmod 600 cert.key
+    usage: Prepare certificates
+
   docker:
     usage: A series of docker commands for development
     imports:
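Review bot: `mkdir certs` in the new prepare-certificates command errors out as soon as the directory already exists, for example when the certificate is regenerated after its 365 days; use `mkdir -p certs`. The `openssl req` line also passes no `-subj` or subjectAltName, so it prompts interactively and the certificate is not bound to the hostnames the proxy serves. Current browsers match only on subjectAltName, so pass the names explicitly (`-subj` plus `-addext "subjectAltName=..."` on OpenSSL 1.1.1 or later).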
diff --git a/.ahoy/docker.ahoy.yml b/.ahoy/docker.ahoy.yml
index 2ab19f1..65b6eaf 100644
--- a/.ahoy/docker.ahoy.yml
+++ b/.ahoy/docker.ahoy.yml
@@ -133,11 +133,11 @@ commands:
       docker stop $(docker ps -a -q --filter name=humpback_proxy) &> /dev/null
       docker rm $(docker ps -a -q --filter name=humpback_proxy) &> /dev/null
       docker run -d -p 8085:8080 -p 80:80 -p 443:443 -v $PWD/traefik.toml:/etc/traefik/traefik.toml \
-        -v $PWD/acme.json:/etc/traefik/acme.json \
+        -v $PWD/certs:/certs \
         -v /var/run/docker.sock:/var/run/docker.sock \
         --network humpback_proxy \
         --name humpback_proxy \
-         traefik:1.7
+         traefik:1.3.5
       if [ $? -ne 0 ]; then
         echo "Proxy startup failed. Is port 8085 or 80 in use?"
         exit 1
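Review bot: the image tag goes from `traefik:1.7` to `traefik:1.3.5` with no reason given in the patch, which pins the container that terminates TLS and has the Docker socket mounted to an older release. If the static `certFile`/`keyFile` configuration works on 1.7, keep the newer tag; otherwise add a comment explaining why the downgrade is needed. The new `-v $PWD/certs:/certs` mount can be read-only (`-v $PWD/certs:/certs:ro`), since the proxy only reads the key and certificate.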
diff --git a/.gitignore b/.gitignore
index 170c25c..854e0ef 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,8 @@
 *.tgz
 node_modules
 
+certs
+
 # Lighthouse output
 lighthouse.html
 
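Review bot: the new `certs` pattern is unanchored, so it ignores any file or directory named certs anywhere in the tree. `/certs/` limits it to the top-level directory, and a one-line comment saying it holds the generated private key would match the commented style of the `# Lighthouse output` entry below it.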
diff --git a/traefik.toml b/traefik.toml
index bd1e489..3ca4c00 100644
--- a/traefik.toml
+++ b/traefik.toml
@@ -31,9 +31,14 @@ defaultEntryPoints = ["https", "http"]
 [entryPoints]
     [entryPoints.http]
     address = ":80"
+      [entryPoints.http.redirect]
+      entryPoint = "https"
     [entryPoints.https]
-    address = ":443"
+      address = ":443"
       [entryPoints.https.tls]
+        [[entryPoints.https.tls.certificates]]
+          certFile = "/certs/cert.crt"
+          keyFile = "/certs/cert.key"
 
 # Traefik logs
 # Enabled by default and log to stdout
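Review bot: `certFile = "/certs/cert.crt"` and `keyFile = "/certs/cert.key"` exist only after `prepare-certificates` has been run and the certs directory is mounted, but nothing in the patch documents that ordering or checks for the files before the proxy starts. Add a README step or an existence check to the proxy start command. With the `[entryPoints.http.redirect]` block every HTTP request is now sent to an endpoint with a self-signed certificate, so also document how developers should trust that certificate locally. The `address = ":443"` line is a whitespace-only change and could be left out of the diff.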
@@ -157,12 +162,4 @@ exposedbydefault = false
 #  ca = "/etc/ssl/ca.crt"
 #  cert = "/etc/ssl/docker.crt"
 #  key = "/etc/ssl/docker.key"
-#  insecureskipverify = true
-[acme]
-email = "[email protected]"
-storage = "acme.json"
-caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
-entryPoint = "https"
-onHostRule = true
-[acme.httpChallenge]
-  entryPoint = "http"
\ No newline at end of file
+#  insecureskipverify = true
\ No newline at end of file
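Review bot: the `[acme]` section is deleted outright at the end of traefik.toml while the issue lists Let's Encrypt as the preferred option. Say in the commit message that the locally signed certificate replaces it for now, or keep the block commented out like the surrounding settings so it can be restored. The `#  insecureskipverify = true` line is rewritten only because of the missing final newline; end the file with a newline to keep that line out of future diffs.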

(Patch won't apply unless you previously had ssl with "Let's Encrypt" which is really not possible. Patch is a guide to implement it)
