[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-grid5k] 55/189: add certificates for nginx
|
From: |
gnunet |
|
Subject: |
[taler-grid5k] 55/189: add certificates for nginx |
|
Date: |
Thu, 28 Apr 2022 10:47:05 +0200 |
This is an automated email from the git hooks/post-receive script.
marco-boss pushed a commit to branch master
in repository grid5k.
commit 458f854ce9a6e46a2eb56191f2152fd4cc62ab70
Author: Boss Marco <bossm8@bfh.ch>
AuthorDate: Thu Mar 10 10:48:42 2022 +0100
add certificates for nginx
---
configs/etc/nginx/sites-enabled/proxy | 7 +++++--
experiment/scripts/proxy.sh | 17 +++++++++++++++--
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/configs/etc/nginx/sites-enabled/proxy
b/configs/etc/nginx/sites-enabled/proxy
index 913ea48..b96c6dc 100644
--- a/configs/etc/nginx/sites-enabled/proxy
+++ b/configs/etc/nginx/sites-enabled/proxy
@@ -22,9 +22,12 @@ map $request_method $log_line {
server {
listen 80;
- listen [::]:80;
+ listen 443 ssl;
- server_name localhost;
+ ssl_certificate /etc/ssl/proxy.cert.pem;
+ ssl_certificate_key /etc/ssl/proxy.key.pem;
+
+ server_name <PROXY_DOMAIN_HERE>;
access_log
syslog:server=localhost,facility=user,tag=taler_proxy,severity=info taler
if=$log_line;
diff --git a/experiment/scripts/proxy.sh b/experiment/scripts/proxy.sh
index 0c13038..191a3f8 100755
--- a/experiment/scripts/proxy.sh
+++ b/experiment/scripts/proxy.sh
@@ -25,7 +25,10 @@ function add_exchanges() {
grep -r " server ${EXCHANGE_DOMAIN}:" /etc/nginx/sites-enabled/proxy | \
wc -l
)
-
+
+ sed -i -e "/<PROXY_DOMAIN_HERE>/${PROXY_DOMAIN}/g" \
+ /etc/nginx/sites-enabled/proxy
+
for i in $(seq ${1}); do
if [[ "${ADDED}" -eq "0" ]] && [[ "${i}" -eq "1" ]]; then
# The first exchange to add is the default one from the target on port 80
@@ -36,10 +39,19 @@ function add_exchanges() {
let "i+=${ADDED}-1"
let "i+=10000"
fi
- sed -i "/<SERVERS_HERE>/a \ \ server ${EXCHANGE_DOMAIN}:${i};" \
+ sed -i -e "/<SERVERS_HERE>/a \ \ server ${EXCHANGE_DOMAIN}:${i};" \
/etc/nginx/sites-enabled/proxy
done
}
+
+function create_cert() {
+ openssl req -new -x509 \
+ -newkey rsa:4096 \
+ -keyout /etc/ssl/proxy.key.pem \
+ -out /etc/ssl/proxy.cert.pem \
+ -sha256 -days 10 -nodes \
+ -subj "/C=CH/ST=Bern/L=Biel/O=TI/CN=${PROXY_DOMAIN}"
+}
# Setup the node and proxy configuration
function setup_config() {
@@ -67,6 +79,7 @@ function setup_config() {
# Initialize and start the proxy
function init_proxy() {
+ create_cert
setup_config
restart_rsyslog
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-grid5k] 65/189: update persistance script, (continued)
- [taler-grid5k] 65/189: update persistance script, gnunet, 2022/04/28
- [taler-grid5k] 113/189: some doc about explain.py, gnunet, 2022/04/28
- [taler-grid5k] 87/189: cflags via variables, gnunet, 2022/04/28
- [taler-grid5k] 100/189: correct time calculation, gnunet, 2022/04/28
- [taler-grid5k] 119/189: add docker-compose to explain-visualizer, gnunet, 2022/04/28
- [taler-grid5k] 83/189: finished configuration for secondary exchanges, gnunet, 2022/04/28
- [taler-grid5k] 123/189: update url's to match node names, gnunet, 2022/04/28
- [taler-grid5k] 81/189: change denominations 1,4,8, gnunet, 2022/04/28
- [taler-grid5k] 04/189: if not exists, gnunet, 2022/04/28
- [taler-grid5k] 09/189: add missing user directory, gnunet, 2022/04/28
- [taler-grid5k] 55/189: add certificates for nginx,
gnunet <=
- [taler-grid5k] 26/189: try to fix sharding issues, gnunet, 2022/04/28
- [taler-grid5k] 51/189: fix exchange service, gnunet, 2022/04/28
- [taler-grid5k] 57/189: update, gnunet, 2022/04/28
- [taler-grid5k] 15/189: fix wallet startup, gnunet, 2022/04/28
- [taler-grid5k] 59/189: configure proxy caching, gnunet, 2022/04/28
- [taler-grid5k] 29/189: fix, gnunet, 2022/04/28
- [taler-grid5k] 25/189: io load reduced, synchronous_commit seems to be the load issue, gnunet, 2022/04/28
- [taler-grid5k] 19/189: update shard sql, gnunet, 2022/04/28
- [taler-grid5k] 08/189: add missing user, gnunet, 2022/04/28
- [taler-grid5k] 10/189: fix, gnunet, 2022/04/28