diff --git a/tengine/nginx/Dockerfile b/tengine/nginx/Dockerfile index cc569c296b214c4b9b08d189ae4b6bbb1013df99..8156a9a707b808636cc165894cea30f96b67e08d 100644 --- a/tengine/nginx/Dockerfile +++ b/tengine/nginx/Dockerfile @@ -25,8 +25,8 @@ RUN apt-get update && apt-get install -y openssl libjemalloc-dev libpcre3 \ && ln -sf /dev/stdout /usr/local/nginx/logs/access.log \ && ln -sf /dev/stderr /usr/local/nginx/logs/error.log -#COPY schbrain.com.key /usr/local/nginx/conf/schbrain.com.key -#COPY schbrian.com.pem /usr/local/nginx/conf/schbrain.com.pem +COPY schbrain.com.key /usr/local/nginx/conf/schbrain.com.key +COPY schbrain.com.pem /usr/local/nginx/conf/schbrain.com.pem COPY nginx.conf /usr/local/nginx/conf/nginx.conf ENV NGINX_HOME /usr/local/nginx diff --git a/tengine/nginx/nginx.conf b/tengine/nginx/nginx.conf index 3b855d5d9e2a2d6de52377721bf706ecbd9bc424..910c77fad06e82e1675270317af78d86456a07f4 100644 --- a/tengine/nginx/nginx.conf +++ b/tengine/nginx/nginx.conf @@ -49,6 +49,28 @@ http { #access_log logs/host.access.log main; + location / { + root /var/html_root_80; + index index.html; + } + } + + # HTTPS server + + server { + listen 443 ssl; + server_name www.schbrain.com; + + ssl_certificate schbrain.com.pem; + ssl_certificate_key schbrain.com.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + location / { root /var/html_root; index index.html; @@ -58,31 +80,5 @@ http { proxy_pass http://localhost:8080; } } - - # HTTPS server - # - #server { - # listen 443 ssl; - # server_name www.schbrain.com; - - # ssl_certificate schbrain.com.pem; - # ssl_certificate_key schbrain.com.key; - - # ssl_session_cache shared:SSL:1m; - # ssl_session_timeout 5m; - - # ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; - # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - # ssl_prefer_server_ciphers on; - - # location / { - # root /var/html_root; - # index index.html; - # } - - # location /api { - # proxy_pass http://localhost:8080; - # } - #} } diff --git a/tengine/nginx/schbrain.com.key b/tengine/nginx/schbrain.com.key new file mode 100644 index 0000000000000000000000000000000000000000..dd038d7bbbcb4797f2aff946573a61d81c74a45e --- /dev/null +++ b/tengine/nginx/schbrain.com.key @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAi5w857xEGjCPI/E+xwk+0+lULTB0TTQhpkIEVvCRV32oC6L+ +Let7JhTIbpJmi4VvXrD5iBZazto9c/AZCpgppBlz4Yp2ptAFUrPn94aI2/Ze+Iuo +05+H/BK6p7asGksYLMxVs9YADa9D+5wq87RS4661mme+WNXmOgdNj+VPJrNRuw/W +4GiVF9OYp9mDl71pDjTMq2JwQVMCmtG6yTUnPOAk1eVeKNEjSGV6mCUCf1+8jrj7 +IvizBWy5ORGGHQfrCiHU+JPM/Gnp1xYXTAVUV+Ib92nWEOIJh5iHiZvFAi4NMSwf +WvaeCHFGpwrEYSJ/cbE2FKmuu6V8nS6dXJ7XvwIDAQABAoIBACRVZQRqWs72FEqm +XlAud8tuzhl0os/04U0DoV1+/lRmv3VH1h7dSg9/GSqtr0JgV7utE0P3jWqIIbYq +plm7gBrVBPONtZN0T+5WI+inerbER7MnpahtvFY+CZXcVK4DHSeLhkJnT1xAYND6 +s7L5GxlmPp0Qotk70c8IV4c7hn3rh9pR77xJWQCBPmvyTwkRWo+2N/EhSAeo6SHc +OV0rdNlEdfXX8vxn+jfTCW9sTtQcmid1qabDNRjRhmCb31/fwtOcICtd5T/xG5m6 +hz6d05mUWIRlW/AL66ljCDncBZ4aqt3TgsOCG7AUQYywhOpOmSNAbk3ZCr8LuYqj +PLPo6QECgYEA8Y7xrXJiKJ/q7EvVZKLM0DPfEv1Ew/on/zgDfrKl/Oy898k1aHnv +07mKv9H3rxxvFrSLZvi8iRAtFAwjVW4PyVVGuk6KU/K+9MDAxLKvN/S+XSc+987L +HBYYHzucaMfAt3vUYK/69YbBBYLV4Wv4n83q6NZ1yaOc2GcAeIzVBRUCgYEAk/T5 +/QdYPEpd4fSAHRrgsVUKNAvgTBVxXYVOi+rHkfyqZF6cIoacScwiRoEq81H1PJsF +dP/GjXCWHH+CH3TdrLPpN16ort0lBUE6aUamDC+g1QQSXi1RlqtlugCa/EGgl59F +9v9xWAYDFPCLE4uvWGhQXVve/jAxGRG5zQyzxoMCgYEAiW4QJeQb4I0LNSD36WeO +Ky43zi/1/aHHO7b8lgrB0SJHaJo7HpOxVL4NKJEm36PHuB1D6nO9oCVp4Cv/tk0G +Aj/YG4svvA8xgUJg6gfXFHjUDV+UvZwThokzdCGQHTT4eeujqta0axgdnSsQ0E2D +iDe5XHsXTH8fbyc651sInvkCgYBRUIe7qjeyGuTx8+AdHtJyY1xSMly5M+e0EDmU +6Bl6gDRdKSoCR5zJailEOmUSiO6QuloLbS8AOOonC2TGSQIzkkUQKzPltqBL/QdP +KIbFl796ktxNafa3KcekrASBssfBzMU09Dqkt9klvvWQbmqV2e6hAIbTiETTlExb +ByoeZQKBgQDnz/wmoq7OlIW2QmsYeQNaWdBEiPVs6shdgKfKhWzSYx0BqqaiUdr6 +kXQePcNchIPLRhLSuzqPpohoj7FTLiJ7Mc80jHWNicFjuj4DR2Xyw3Y+BxwQwzJl +ynvD14Xt68vmP40tQezIRFV49N2T7oiF/lBlc+MXMqg/0urZBGWWIg== +-----END RSA PRIVATE KEY----- + diff --git a/tengine/nginx/schbrain.com.pem b/tengine/nginx/schbrain.com.pem new file mode 100644 index 0000000000000000000000000000000000000000..7c0a799dd8e8342b94e9d18ae71f0e27272377b8 --- /dev/null +++ b/tengine/nginx/schbrain.com.pem @@ -0,0 +1,57 @@ +-----BEGIN CERTIFICATE----- +MIIErzCCA5egAwIBAgIQAehuBwMIY7GHsEFVxQsQWTANBgkqhkiG9w0BAQsFADBe +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe +Fw0xNzEyMTkwMDAwMDBaFw0xODEyMTkxMjAwMDBaMBkxFzAVBgNVBAMMDiouc2No +YnJhaW4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5w857xE +GjCPI/E+xwk+0+lULTB0TTQhpkIEVvCRV32oC6L+Let7JhTIbpJmi4VvXrD5iBZa +zto9c/AZCpgppBlz4Yp2ptAFUrPn94aI2/Ze+Iuo05+H/BK6p7asGksYLMxVs9YA +Da9D+5wq87RS4661mme+WNXmOgdNj+VPJrNRuw/W4GiVF9OYp9mDl71pDjTMq2Jw +QVMCmtG6yTUnPOAk1eVeKNEjSGV6mCUCf1+8jrj7IvizBWy5ORGGHQfrCiHU+JPM +/Gnp1xYXTAVUV+Ib92nWEOIJh5iHiZvFAi4NMSwfWvaeCHFGpwrEYSJ/cbE2FKmu +u6V8nS6dXJ7XvwIDAQABo4IBrDCCAagwHwYDVR0jBBgwFoAUU8oXWfxrwAMhLxqu +5KqoHIJW2nUwHQYDVR0OBBYEFLgbPOOFGYjiFBQA4W3ZebM0Imx9MCcGA1UdEQQg +MB6CDiouc2NoYnJhaW4uY29tggxzY2hicmFpbi5jb20wDgYDVR0PAQH/BAQDAgWg +MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAv +hi1odHRwOi8vY2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmww +TAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93 +d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYG +CCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcw +AoYxaHR0cDovL2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4 +LmNydDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCYHElPjL6IzsqqSTyN +NsuwtIh066QsFc8bQ+0JLg4OsMvUwTphIpH22A7+rawDh0IO3lDHkAPaMxQJHJqY +4HN/ns5rFO9yMWYGbYYCwkeAnSiOuNT/ObcnLGTUAxQ1AsqNN+tB2ntowPhUJETt +xY8bZUCcjBYZoy8oORuHjgEmXd7zPV0HjV0Jbiuuw/As4de//myC5sKh98/J4sOc +YVVCWnQkg89GJi0r5v+twSaskMRJbnL4XTTkC2Z1udg0jD4mDBq+ir0x86UXT7rp +M8dHpO0XWLwltF0rdrv1EQMf6V58BdyCn0jTrUo6pHrKuAzPOkkPVcAIZJPec5XM +LPwF +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n ++MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28 +OeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK +MFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki +f2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik +KB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw +HQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW +0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF +BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo +MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E +OzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i +YWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH +AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG +BmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc +YWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ +/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG +hs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry +qv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ +ysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX +TVyMnGo= +-----END CERTIFICATE----- +