From 4c599f4fdd0ad5c9255963a2ced94421d8097c7a Mon Sep 17 00:00:00 2001 From: valitovgaziz Date: Thu, 28 Aug 2025 00:48:32 +0500 Subject: [PATCH] modified: serv_nginx/nginx/Dockerfile modified: serv_nginx/nginx/nginx-http.conf modifay dockerfile for get selfsine dummy certificate add redirect from https to http before getting all certs --- serv_nginx/nginx/Dockerfile | 14 ++++++++++++-- serv_nginx/nginx/nginx-http.conf | 15 ++++++++++++++- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/serv_nginx/nginx/Dockerfile b/serv_nginx/nginx/Dockerfile index de83344..debd912 100644 --- a/serv_nginx/nginx/Dockerfile +++ b/serv_nginx/nginx/Dockerfile @@ -1,7 +1,17 @@ FROM nginx:alpine # Установка зависимостей -RUN apk add --no-cache bash +RUN apk add --no-cache bash openssl + +# Создание директории для сертификатов +RUN mkdir -p /etc/nginx/ssl + +# Генерация самоподписанных сертификатов (действительны 365 дней) +RUN openssl req -x509 -nodes -days 365 \ + -newkey rsa:2048 \ + -keyout /etc/nginx/ssl/dummy.key \ + -out /etc/nginx/ssl/dummy.crt \ + -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost" # Копируем обе конфигурации COPY nginx-http.conf /etc/nginx/nginx-http.conf @@ -15,4 +25,4 @@ COPY switch-config.sh /docker-entrypoint.d/switch-config.sh RUN chmod +x /docker-entrypoint.d/switch-config.sh # Создаем необходимые директории -RUN mkdir -p /var/www/certbot +RUN mkdir -p /var/www/certbot \ No newline at end of file diff --git a/serv_nginx/nginx/nginx-http.conf b/serv_nginx/nginx/nginx-http.conf index 687cb6f..5394f04 100644 --- a/serv_nginx/nginx/nginx-http.conf +++ b/serv_nginx/nginx/nginx-http.conf @@ -1,6 +1,6 @@ server { listen 80; - server_name yalarba.ru easysite102.ru valitovgaziz.ru бегущийбашкир.рф begushiybashkir.ru; + server_name yalarba.ru www.yalarba.ru easysite102.ru www.easysite102.ru valitovgaziz.ru www.valitovgaziz.ru xn--80abahjtcfl5d0a8di.xn--p1ai www.xn--80abahjtcfl5d0a8di.xn--p1ai begushiybashkir.ru www.begushiybashkir.ru; location / { root /usr/share/nginx/stub/html; @@ -11,3 +11,16 @@ server { root /var/www/certbot; } } + +# Блок для HTTPS → HTTP редиректа (порт 443) +server { + listen 443 ssl; + server_name yalarba.ru www.yalarba.ru easysite102.ru www.easysite102.ru valitovgaziz.ru www.valitovgaziz.ru xn--80abahjtcfl5d0a8di.xn--p1ai www.xn--80abahjtcfl5d0a8di.xn--p1ai begushiybashkir.ru www.begushiybashkir.ru; + + # Указание пустых сертификатов (обязательно для запуска Nginx) + ssl_certificate /etc/nginx/ssl/dummy.crt; + ssl_certificate_key /etc/nginx/ssl/dummy.key; + + # Редирект всех HTTPS-запросов на HTTP + return 301 http://$host$request_uri; +} \ No newline at end of file