add cert

2026-04-06 00:32:12 +02:00 · 2022-12-06 13:34:15 +05:30
parent 92ad28a7a2
commit 15ead465ce
10 changed files with 26 additions and 60 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -70,3 +70,6 @@ config.env.tmp
 config.env.temp
 docker-compose.yml
 logs.txt
+
+*/Cert.crt
+*/Key.key
--- a/Certs/Readme.md
+++ b/Certs/Readme.md
@@ -0,0 +1,3 @@
+This directory is used for hosting SSL Certs for nginx.
+
+If you need a new certificate. Please have Cert.pem and Key.pem in this folder. 
--- a/CommonServer/Infrastructure/PostgresDatabase.ts
+++ b/CommonServer/Infrastructure/PostgresDatabase.ts
@@ -26,7 +26,7 @@ export default class Database {
            password: DatabasePassword,
            database: DatabaseName,
            entities: Entities,
-            logging: 'all',
+            //logging: 'all',
            synchronize:
                Env === AppEnvironment.Test ||
                Env === AppEnvironment.Development,
--- a/Nginx/Dockerfile.tpl
+++ b/Nginx/Dockerfile.tpl
@@ -1,3 +1,3 @@
 FROM nginx
-COPY ./default.conf /etc/nginx/conf.d/default.conf
-COPY ./certs /etc/nginx/certs
+COPY ./Nginx/default.conf /etc/nginx/conf.d/default.conf
+COPY ./Certs /etc/nginx/certs
--- a/Nginx/certs/nginx.crt
+++ b/Nginx/certs/nginx.crt
@@ -1,22 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIDqjCCApICCQD4LeeaMQDNlDANBgkqhkiG9w0BAQsFADCBljELMAkGA1UEBhMC
-TkcxDjAMBgNVBAgMBUVudWd1MRIwEAYDVQQHDAlBdWd1c3RpbmUxEjAQBgNVBAoM
-CUhhY2tlcmJheTEPMA0GA1UECwwGRGV2b3BzMRIwEAYDVQQDDAlBdWd1c3RpbmUx
-KjAoBgkqhkiG9w0BCQEWG2F1Z3VzdGluZS5pZ3dlQGhhY2tlcmJheS5pbzAeFw0y
-MTEwMDUxOTI1MjNaFw0yMjEwMDUxOTI1MjNaMIGWMQswCQYDVQQGEwJORzEOMAwG
-A1UECAwFRW51Z3UxEjAQBgNVBAcMCUF1Z3VzdGluZTESMBAGA1UECgwJSGFja2Vy
-YmF5MQ8wDQYDVQQLDAZEZXZvcHMxEjAQBgNVBAMMCUF1Z3VzdGluZTEqMCgGCSqG
-SIb3DQEJARYbYXVndXN0aW5lLmlnd2VAaGFja2VyYmF5LmlvMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj8GvBbJqsWwwDiOIvFl3iF6EOts3wIQ6Cn9
-jtIxsTo7lsjjKADXFVM15VNhTdtHwBnv4xdZXXs1ToXIE5apYXRGX6JYnEvvdJyf
-rZ6ZCu0OK2tGu0pLA5CpOCk4F6OaYIXczkLxl6ikPYw1JLTTrvYaN83FvaobXXYV
-cPc19zldw3dgnHWTsxrPiUN2CPAeZ8XkWcbrH2x7WxbRlrgrmrpsav9eSaiUj3E0
-Rp/a2EWEYFDlfTMqGvxXgYAdrb/h5xMQ6guQR+T2/YWN/l3pjOXq7WFLeJAglMPu
-ilLxf6DYbow0HE4J0cfkWcr+M4b0Xi+exntWfTZJLlRu2uqoxwIDAQABMA0GCSqG
-SIb3DQEBCwUAA4IBAQCXJIa74ZG80dcLe+0Opx9XQRZlkkfLjj5umM7LcsPIn2rB
-0vlg0sCfEKrLUrzo8wwAK6BVdjtWI3e6w5f8+RTH3NeCnWMwjflIYYT6oKdRTi5L
-kl8kQsQfuMYCTurzv0ooAGotstFkWSkDYvdXZJIin5PzixoFfjPCQKNwtQgz+NJF
-y2L7iCpSzAKi0+ykem6qL+TmBQ9Zc0NE/XKzQoTBiI+h5Qpd09UWql0ytXjoI0cf
-wdwb+O9A1nWXjTCZwGK2ygcGD/Cm+x7kYrnHyMKBZZzBezI1FWJEid56yC6dGhy2
-PVEWUOFRwEYAJsVRWfE5RBPuffITMVBU1YUldeFR
-----END CERTIFICATE-----
--- a/Nginx/certs/nginx.key
+++ b/Nginx/certs/nginx.key
@@ -1,28 +0,0 @@
-----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2Pwa8FsmqxbDA
-OI4i8WXeIXoQ62zfAhDoKf2O0jGxOjuWyOMoANcVUzXlU2FN20fAGe/jF1ldezVO
-hcgTlqlhdEZfolicS+90nJ+tnpkK7Q4ra0a7SksDkKk4KTgXo5pghdzOQvGXqKQ9
-jDUktNOu9ho3zcW9qhtddhVw9zX3OV3Dd2CcdZOzGs+JQ3YI8B5nxeRZxusfbHtb
-FtGWuCuaumxq/15JqJSPcTRGn9rYRYRgUOV9Myoa/FeBgB2tv+HnExDqC5BH5Pb9
-hY3+XemM5ertYUt4kCCUw+6KUvF/oNhujDQcTgnRx+RZyv4zhvReL57Ge1Z9Nkku
-VG7a6qjHAgMBAAECggEBAIrFXSx1saP+moMTzW9gHzBQj3E4wxLgsN0HtFI/TaVk
-8SD04LuCQES1stFndy1grrbhSR/DlMGw4rti9SGtVFanwjpqFU0WKUTDSndaz7BZ
-J7P6IMbWYF5ble70vAiMBC5BYAwTP4E64a0YCRNlOdb9AKPDZTHxyJqXIuZ85zPS
-yaFV9yIYm8rIY/Yqtj11Iq5MCJHb9JT2lVhruxwSJ5uVZmDxQUGec1m/NuWnTuo/
-QocD00UT5NR8acEyA8Zyrqi+/oEKtSNnlXtveke+1nX58XSrMFt3SRGMc56wSDYn
-cihRgQlC1JJ9XlirPhF0QdPC4ZoMMC/YGoE4IrYZ3BECgYEA61jcFnkAclWmBV1+
-eUFudySuto3eoSz1p/z6EZyOx0SYkIIoRee2ymvuXC1f8eVYIwAVxAKOtoxjnGzk
-6E1FH2sY/ZDNvubHV3hLPzH3jdY0fm/Wi04eQQhCyAg+ZFioVjCSJOwhHtRdXsIE
-z4WZlQgLm7HzBFvuJSP7LDDTGA8CgYEAxj09R+QqX0LUsLvbKtCMc4JHEqOb4Y7i
-xL36/0rFu+f0zDcaygCxPqTgFoVDzkklPdgtfnB+l8MkNoOn0W15+roU8zrTLO7b
-k1jRZti0u4wXhJPX/gEHBMsL09qGuq72X4N2tyDuD70+7vje8NrSqhheBlktbqhS
-OCc/XrF568kCgYB+Oq/5QbdSm8urTwU55jVoo/0tnxRM4H92NcKu1YjjKlCmGZme
-PPUWxyMWv6OZa8iFJVOHSVPgZ5Y53VI9oswzWM8Tmaow/TjoGnZJk/RSWBTZyASL
-vT+O4+5lub41NjQ73ltUgG4XShI2c9v+roq8m48WWDCfIuutcgoTHrDqUwKBgBUS
-MU9Q60gQ3HakoRkd7a/haxiKF2mUPHpZDzLPidD9SMHkIY7TIAPelosOQzTMBY9b
-SQqlfm83KMQ6nj3eexaxbMSlvgiKowA4cpmR8zP0IhPPeyfeiBZ0Vp+AHM3/BuUE
-Hjw83dECdowEG/5R5A58ZJIcLH4Umhip40x3ZNQxAoGAKmK/FhF8xZwEZv9G9G3S
-R8fYw3Pl2bdMwnRmbevcznGT5kVvsvimLDWmDidRbGewG48OGmnCqVFXg/J/09Lk
-vuu6yNP3+1UgGHF8nk0/jYlSiBjcq1id7s6Yilm4Dmnzh+SG0DaoCdEVkobuK0GU
-V9RUkyM2WILPZpBsi9LQofs=
-----END PRIVATE KEY-----
--- a/Nginx/default.conf
+++ b/Nginx/default.conf
@@ -31,7 +31,9 @@ upstream workers {
 }

 server {
-    listen 443 default_server; # Port HTTPS
+    listen 443 default_server ssl; # Port HTTPS
+    ssl_certificate /etc/nginx/certs/Cert.pem;
+    ssl_certificate_key /etc/nginx/certs/Key.pem;
    listen 80 default_server;
    server_name  _; # All domains. 

@@ -61,10 +63,9 @@ server {
    listen 80;
    server_name localhost; 

-    ssl_certificate /etc/nginx/certs/nginx.crt; 
-    ssl_certificate_key /etc/nginx/certs/nginx.key;
-
-
+    ssl_certificate /etc/nginx/certs/Cert.crt; 
+    ssl_certificate_key /etc/nginx/certs/Key.key;
+    
    proxy_busy_buffers_size   512k;
    proxy_buffers   4 512k;
    proxy_buffer_size   256k;
--- a/Scripts/Install/GenerateSslCertificate.ts
+++ b/Scripts/Install/GenerateSslCertificate.ts
--- a/docker-compose.tpl.yml
+++ b/docker-compose.tpl.yml
@@ -390,7 +390,7 @@ services:
        build:
            dockerfile: Dockerfile
            network: host
-            context: ./Nginx
+            context: .
        ports:
            - '80:80'
            - '443:443'
--- a/preinstall.sh
+++ b/preinstall.sh
@@ -142,9 +142,18 @@ if [[ ! $(which ts-node) ]]; then
    sudo npm install -g ts-node
 fi

-
 cd oneuptime

+# Generate Self Signed SSL certificate. 
+
+CERT=./Certs/Cert.crt
+if test -f "$CERT"; then
+    echo "SSL Certificate exists. Skipping generating a new one."
+else
+    echo "SSL Certificate not found. Generating a new certificate."
+    openssl req -new -x509 -nodes -out ./Certs/Cert.crt -keyout ./Certs/Key.key
+fi
+
 # Create .env file if it does not exist. 
 touch config.env