From eaaa500ca1701e5f012daa51e1b329aa768ea7fa Mon Sep 17 00:00:00 2001
From: KarimRahoMekdad
Date: Fri, 12 Apr 2024 17:59:39 +0200
Subject: [PATCH 1/3] =?UTF-8?q?lecture=20de=20cl=C3=A9=20et=20certificat?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .nuxt/app.config.mjs | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .nuxt/app.config.mjs
diff --git a/.nuxt/app.config.mjs b/.nuxt/app.config.mjs
new file mode 100644
index 0000000..4a65294
--- /dev/null
+++ b/.nuxt/app.config.mjs
@@ -0,0 +1,20 @@
+
+import { defuFn } from 'C:/Users/karim/Documents/Stage_UR/ProjetMilestone/Unitystation-MillstoneSteam/node_modules/defu/dist/defu.mjs'
+
+import fs from 'fs'
+require('dotenv').config()
+
+const httpsConfig = {
+ server: {
+ https: {
+ key: fs.readFileSync(process.env.KEY_PATH),
+ cert: fs.readFileSync(process.env.CERT_PATH)
+ }
+ }
+ }
+
+const inlineConfig = {}
+
+
+
+export default defuFn(inlineConfig, httpConfig)
From 030c7218023e26b95d5cfc382195c70039da5b49 Mon Sep 17 00:00:00 2001
From: mortifia
Date: Wed, 17 Apr 2024 19:13:59 +0200
Subject: [PATCH 2/3] https example
---
 Caddyfile | 3 +++
 docker-compose.yml | 31 +++++++++++++++++++++++++++----
 2 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100644 Caddyfile
diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..425ef14
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,3 @@
+milestone.unionrolistes.fr localhost 127.0.0.1 {
+ reverse_proxy app:3000
+}
diff --git a/docker-compose.yml b/docker-compose.yml
index c3904e7..f6514b7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
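Review bot: In `.nuxt/app.config.mjs` the last line passes `httpConfig` to `defuFn`, but the object declared above is `httpsConfig`, so the module cannot load and the key/cert settings are never merged; it should read `export default defuFn(inlineConfig, httpsConfig)`. `require('dotenv').config()` is likewise not defined in an `.mjs` ES module, where `import 'dotenv/config'` is the equivalent. `fs.readFileSync(process.env.KEY_PATH)` fails with an opaque argument error when the variable is unset, so checking that `KEY_PATH` and `CERT_PATH` are both defined before reading would give a clear message, and the key file itself should stay outside the repository with restrictive permissions. The `.nuxt/` location and the absolute `C:/Users/...` import look like generated build output; if so, the HTTPS settings probably belong in the project's own Nuxt configuration rather than in a committed `.nuxt` file.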
@@ -2,19 +2,42 @@ version: '3.8' services: - app: + app: build: . - env_file: - - .env + # env_file: + # - .env image: app container_name: app ports: - "3000:3000" restart: always networks: - - default + - private volumes: - ./prisma/milestone.db:/app/.output/server/prisma/milestone.db + cadddy: + image: caddy:2.7-alpine + container_name: caddy + cap_add: + - NET_ADMIN + ports: + - "80:80" + - "443:443" + - "443:443/udp" + restart: unless-stopped + networks: + - default + - private + volumes: + - ./Caddyfile:/etc/caddy/Caddyfile + - caddy_data:/data + - caddy_config:/config +volumes: + caddy_data: + caddy_config: +networks: + private: + driver: bridge
From f6e0a657d73cca5ac9a2523e2588082b0801fef4 Mon Sep 17 00:00:00 2001
From: KarimRahoMekdad
Date: Mon, 17 Mar 2025 13:23:07 +0100
Subject: [PATCH 3/3] Ajout script pour installer un cert ssl sur le server ovh apache
---
 .default | 5 +++++
 install_ssl.sh | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 65 insertions(+)
 create mode 100644 .default
 create mode 100644 install_ssl.sh
diff --git a/.default b/.default
new file mode 100644
index 0000000..6925e87
--- /dev/null
+++ b/.default
@@ -0,0 +1,5 @@
+# This is an example of .env file whith the variables it must contain
+
+ADMIN_NAME="xxxxxx"
+ADMIN_PASSWORD="$2b$10$xxxxxxxxxxx"
+JWT_SECRET="xxxxxxx"
\ No newline at end of file
diff --git a/install_ssl.sh b/install_ssl.sh
new file mode 100644
index 0000000..87f0f6f
--- /dev/null
+++ b/install_ssl.sh
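Review bot: In `docker-compose.yml` the `app` service appears to keep its `ports: - "3000:3000"` mapping as an unchanged context line, so the application stays reachable over plain HTTP on host port 3000 and the new Caddy TLS front end can be bypassed. Caddy reaches the app as `app:3000` over the `private` network, so the mapping can be dropped, or narrowed to `"127.0.0.1:3000:3000"` if local access is still wanted. Commenting out `env_file` also means the container no longer receives the values from `.env` unless they are supplied some other way, which is worth confirming before deployment. The new service key is spelled `cadddy` while its `container_name` is `caddy`, and a one-line comment saying why `NET_ADMIN` is granted would help a later least-privilege review.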
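Review bot: In `.default` the sample `ADMIN_PASSWORD="$2b$10$xxxxxxxxxxx"` puts a bcrypt-style value inside double quotes, and loaders that interpolate `$` (Docker Compose's env-file handling, or a dotenv setup with variable expansion enabled) may rewrite `$2b` and `$10`, leaving a hash that never verifies. Which loader reads the real `.env` is not visible in this patch, so this is worth testing; under Compose's env-file syntax single quotes, `ADMIN_PASSWORD='$2b$10$xxxxxxxxxxx'`, keep the value literal, while other loaders may need the `$` escaped. A comment stating that the value is a bcrypt hash rather than the plain password, and that `JWT_SECRET` must be a long random value unique to each deployment, would help whoever copies the template.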
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+# Définition des couleurs pour les messages
+GREEN="\e[32m"
+YELLOW="\e[33m"
+RED="\e[31m"
+RESET="\e[0m"
+
+echo -e "${GREEN}🔹 Activation de HTTPS sur Apache (Debian) 🔹${RESET}"
+
+# Vérifier si l'utilisateur est root
+if [[ $EUID -ne 0 ]]; then
+ echo -e "${RED}❌ Ce script doit être exécuté en tant que root.${RESET}"
+ exit 1
+fi
+
+# Demander le nom de domaine
+read -p "🔹 Entrez le nom de domaine (ex: monsite.com) : " DOMAIN
+
+if [[ -z "$DOMAIN" ]]; then
+ echo -e "${RED}❌ Aucun domaine saisi. Script annulé.${RESET}"
+ exit 1
+fi
+
+# Vérifier et installer Certbot si absent
+if ! command -v certbot &> /dev/null; then
+ echo -e "${YELLOW}🛠️ Installation de Certbot...${RESET}"
+ apt update && apt install -y certbot python3-certbot-apache
+else
+ echo -e "${GREEN}✅ Certbot est déjà installé.${RESET}"
+fi
+
+# Générer le certificat SSL avec Certbot
+echo -e "${YELLOW}🔹 Obtention du certificat SSL pour $DOMAIN...${RESET}"
+certbot --apache -d "$DOMAIN"
+
+if [[ $? -ne 0 ]]; then
+ echo -e "${RED}❌ Échec de la génération du certificat. Vérifiez que votre domaine pointe bien vers ce serveur.${RESET}"
+ exit 1
+fi
+
+echo -e "${GREEN}✅ Certificat SSL installé avec succès !${RESET}"
+
+# Vérifier si le renouvellement automatique est actif
+echo -e "${YELLOW}🔹 Vérification du renouvellement automatique...${RESET}"
+if systemctl list-timers | grep -q certbot; then
+ echo -e "${GREEN}✅ Le renouvellement automatique du certificat SSL est actif.${RESET}"
+else
+ echo -e "${RED}❌ Le renouvellement automatique n'est pas activé ! Ajoutons-le...${RESET}"
+ systemctl enable certbot.timer
+ systemctl start certbot.timer
+ echo -e "${GREEN}✅ Le renouvellement automatique est maintenant activé.${RESET}"
+fi
+
+# Redémarrer Apache pour appliquer les changements
+echo -e "${YELLOW}🔄 Redémarrage d'Apache...${RESET}"
+systemctl restart apache2
+
+echo -e "${GREEN}🎉 HTTPS activé et renouvellement automatique configuré pour $DOMAIN ! 
${RESET}"
+echo -e "${GREEN}🔗 Testez votre site en HTTPS : https://$DOMAIN ${RESET}"
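Review bot: In `install_ssl.sh` the renewal branch prints "Le renouvellement automatique est maintenant activé" without checking whether `systemctl enable certbot.timer` and `systemctl start certbot.timer` succeeded, so the script can report renewal as active on a host where the timer unit is missing, and the certificate would then expire unnoticed. The result of `apt update && apt install -y certbot python3-certbot-apache` is unchecked too, so a failed install falls through to the certbot call and its DNS-oriented error message. Testing the commands directly covers both, for example `if ! systemctl enable --now certbot.timer; then` with an error message and `exit 1`, and `if ! certbot --apache -d "$DOMAIN"; then` in place of the separate `$?` test. `read -r -p` would also keep backslashes in the typed domain from being interpreted, and a basic hostname format check on `$DOMAIN` before the certbot call would reject typos early.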