From a5875e731dfb6df707870564fd750dcbd0a36ea5 Mon Sep 17 00:00:00 2001 From: Matthew Walowski Date: Tue, 2 Dec 2025 18:02:35 -0600 Subject: [PATCH] start changing nginx config --- .ebextensions/ssl.config | 18 ++++++++++++++++++ docker-compose.yml | 5 ++++- nginx/nginx.conf | 13 +++++++++++++ 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 .ebextensions/ssl.config diff --git a/.ebextensions/ssl.config b/.ebextensions/ssl.config new file mode 100644 index 00000000..1f459d89 --- /dev/null +++ b/.ebextensions/ssl.config @@ -0,0 +1,18 @@ +files: + "/etc/nginx/certs/server.crt": + mode: "000644" + owner: root + group: root + content: | + -----BEGIN CERTIFICATE----- + ${SERVER_CRT} + -----END CERTIFICATE----- + + "/etc/nginx/certs/server.key": + mode: "000600" + owner: root + group: root + content: | + -----BEGIN PRIVATE KEY----- + ${SERVER_KEY} + -----END PRIVATE KEY----- diff --git a/docker-compose.yml b/docker-compose.yml index 106e0466..00c47084 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,8 +35,11 @@ services: nginx: build: ./nginx + volumes: + - ./certs:/etc/nginx/certs:ro ports: - - 8080:80 + - 80:80 + - 443:443 restart: always depends_on: - prosthetics_web_app diff --git a/nginx/nginx.conf b/nginx/nginx.conf index afbd3f7e..2afa3d66 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -3,9 +3,22 @@ events { } http { + # Redirect all HTTP to HTTPS server { listen 80; + server_name www.hearing.3dp4me-software.org hearing.3dp4me-software.org + www.prosthetics.3dp4me-software.org prosthetics.3dp4me-software.org + www.pt.3dp4me-software.org pt.3dp4me-software.org; + return 301 https://$host$request_uri; + } + + server { + listen 443 ssl http2; server_name www.hearing.3dp4me-software.org hearing.3dp4me-software.org; + + ssl_certificate /etc/nginx/certs/server.crt; + ssl_certificate_key /etc/nginx/certs/server.key; + location / { client_max_body_size 100G; proxy_pass http://hearing_aid_web_app:5050/;