valitovgaziz/tp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified: serv_nginx/nginx/Dockerfile

Browse Source 
modified:   serv_nginx/nginx/nginx-http.conf
modifay dockerfile for get selfsine dummy certificate
add redirect from https to http before getting all certs
This commit is contained in:
valitovgaziz
2025-08-28 00:48:32 +05:00
parent 3789a850c2
commit 4c599f4fdd
2 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
serv_nginx/nginx/Dockerfile
+12 -2
View File
@@ -1,7 +1,17 @@
FROM nginx:alpine FROM nginx:alpine
# Установка зависимостей # Установка зависимостей
RUN apk add --no-cache bash RUN apk add --no-cache bash openssl
# Создание директории для сертификатов
RUN mkdir -p /etc/nginx/ssl
# Генерация самоподписанных сертификатов (действительны 365 дней)
RUN openssl req -x509 -nodes -days 365 \
-newkey rsa:2048 \
-keyout /etc/nginx/ssl/dummy.key \
-out /etc/nginx/ssl/dummy.crt \
-subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
# Копируем обе конфигурации # Копируем обе конфигурации
COPY nginx-http.conf /etc/nginx/nginx-http.conf COPY nginx-http.conf /etc/nginx/nginx-http.conf
@@ -15,4 +25,4 @@ COPY switch-config.sh /docker-entrypoint.d/switch-config.sh
RUN chmod +x /docker-entrypoint.d/switch-config.sh RUN chmod +x /docker-entrypoint.d/switch-config.sh
# Создаем необходимые директории # Создаем необходимые директории
RUN mkdir -p /var/www/certbot RUN mkdir -p /var/www/certbot
serv_nginx/nginx/nginx-http.conf
+14 -1
View File
@@ -1,6 +1,6 @@
server { server {
listen 80; listen 80;
server_name yalarba.ru easysite102.ru valitovgaziz.ru бегущийбашкир.рф begushiybashkir.ru; server_name yalarba.ru www.yalarba.ru easysite102.ru www.easysite102.ru valitovgaziz.ru www.valitovgaziz.ru xn--80abahjtcfl5d0a8di.xn--p1ai www.xn--80abahjtcfl5d0a8di.xn--p1ai begushiybashkir.ru www.begushiybashkir.ru;
location / { location / {
root /usr/share/nginx/stub/html; root /usr/share/nginx/stub/html;
@@ -11,3 +11,16 @@ server {
root /var/www/certbot; root /var/www/certbot;
} }
} }
# Блок для HTTPS → HTTP редиректа (порт 443)
server {
listen 443 ssl;
server_name yalarba.ru www.yalarba.ru easysite102.ru www.easysite102.ru valitovgaziz.ru www.valitovgaziz.ru xn--80abahjtcfl5d0a8di.xn--p1ai www.xn--80abahjtcfl5d0a8di.xn--p1ai begushiybashkir.ru www.begushiybashkir.ru;
# Указание пустых сертификатов (обязательно для запуска Nginx)
ssl_certificate /etc/nginx/ssl/dummy.crt;
ssl_certificate_key /etc/nginx/ssl/dummy.key;
# Редирект всех HTTPS-запросов на HTTP
return 301 http://$host$request_uri;
}