kanglai
/
kicc-workflow-design
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

chore: ssl Deployment

master
wangxiang 2 years ago
parent
b6bdb0d504
commit
304b835204
No known key found for this signature in database
GPG Key ID: 1BA7946AB6B232E4
4 changed files with 107 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      docker/Dockerfile
  2. 20
      docker/default.conf
  3. 27
      docker/secret/ssl.key
  4. 61
      docker/secret/ssl.pem

1
docker/Dockerfile
Unescape View File

@ -1,6 +1,7 @@ @@ -1,6 +1,7 @@
FROM nginx
COPY ./dist /data
COPY ./secret /secret
RUN rm /etc/nginx/conf.d/default.conf

20
docker/default.conf
Unescape View File

@ -1,14 +1,24 @@ @@ -1,14 +1,24 @@
server {
# 自定义访问端口
listen 3002;
listen 3002 ssl;
client_max_body_size 100M;
# 服务名称
server_name localhost;
server_name kicc.kanglailab.com;
# 代理访问根地址
root /data;
# ssl证书地址
ssl_certificate /secret/ssl.pem; # pem文件的路径
ssl_certificate_key /secret/ssl.key; # key文件的路径
# ssl验证相关配置
ssl_session_timeout 5m; #缓存有效期
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
#设置转发请求头参数
proxy_connect_timeout 15s;
proxy_send_timeout 15s;
@ -16,6 +26,12 @@ server { @@ -16,6 +26,12 @@ server {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
error_page 497 https://$host$request_uri;
# Nginx 服务器上的 CORS(跨源资源共享)配置
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,Cache-Control,X-Mx-ReqToken,X-Requested-With';
add_header 'Access-Control-Allow-Methods' '*';
# 代理访问
location / {

27
docker/secret/ssl.key
Unescape View File

@ -0,0 +1,27 @@ @@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAv4FqBfyUlNxtsL1Rv2ybsRPGRpPgUs8kXEQEacxk4zj98z53
NBO6v547pxZCZQpX0V2g8tel9LSalJfzeU5lFmUWo8fIb/KJL3XIAtE6JDCne+2M
sgliRyUFizwoQhyjiDoBU38Dh4jPzuldynsrqtkwdoV+mi6vreOYTTvq7mXTJPvO
V2MKbpcPrO4JMTUr5gIiEIWIddnnrlQUCBZtpei6AYxz9LfTdzNC0L+LeUNLQK0y
KWPEzPbyh90XTgBKGx5d5NDwvgK2fVKOUeKyDuMS5pflzlBrez/tsSIJlMycf+Ol
usUgdVpD+ionmwleEbFIX19kwPxJdOhKLKN/owIDAQABAoIBAB3MT8iFsELnd6Pw
GWe9SQ6JIql5ugZ4l9JJfRxPQwV+KTmvpxGx3jWRs/uAQa2CKf74YCJZPsfwUDs9
15MxCRaufRLX887DgOgjHg+eKbtW3MCySlmrjyC92Hp9TlBXL3TzfaBV26E7vwYV
ltP6TWWkrN9MT1JDYG+gweKGp7wXVAG9JmQVJDaW7ikh8rzRDxFV4ssLboyab7y+
AyXKzG3iVDYZQLgHMK/4iuuw5GB5fAIbjSCBRwUdqWsJHTGLD/7iEjdS98Q6eR5R
+4FUoxuJSKgIUr6dEVo4DuJhnGwtNKseKZztKovkO35mEr+WoEkP+TfGh0CEfNAl
cgMaDJkCgYEA6JOEt2lE4tEP3DRgWRE9ml6axteIZH4t6O4BWibiQjZpV/U9M9Km
/qfIF1x4Qs6x+7V49WdpnWJwEj9qgCfJgIlpkFHnt9wDpv46kvnFPHxi2k+NMiHH
rITyRD2zcXarX/mPmso9GQTEaqGEdUVfIlOh3UklgeS/SCwloOJFr6kCgYEA0sr5
lygR6+ygucoQZW7pjPmkOxQUfCuQBT+u2UPNRkrdNSA+QnK6URwOUxm1DNvgMEL6
UOo78FpOE7dutMF25wr4ay49FJoxPC/mZJK3nPTWMrUq1z+JVjUqoF1dlBgDhFb1
/yNsUJEdBoFjwbtj63EibX2WIX5+RIKH/SMm9GsCgYBkilkGHLjNwIi1reK0vjI+
SIVqTgRFRRK9rh3hhgurifASOQ7jFz5fudJS3wOSBd6FLJcEp1bN1Z8TFF0K16hR
K5X58J5WKgNeLmrN3LG6Cx+Etn0YXef+mV5Nx8qJ0z4UeELvLFwrM5dhbT9gnsOY
iETh71wKggN6xLLjkM2FOQKBgQCwH5Pnbj17KF0qnuCQP9m4RqWoDyEGlsdg+1K2
ieYsA0VMrEIY9w8h0hVN7b7OnbB14qCPlwa5zlpKMwu2z6bvaMUjmKDEZAkbRtJz
2fq8k/2cpK7E5ntzojyZfSlBIcdefeJQaWKI9paP5vBY4J+eCws+/J3CIpSR3ZaO
NR7JPQKBgGaxRPBoODtViQNSgELQwtvl9b7wfjrq9zr+QDu7IliJHTO2EHr5c0BT
xHVDwKbwhYTXu7FY/UDiVi9qJarna2a3hDhxTuXNcIsMcY8j7ehBtwcEQUh3XHkl
rlDMifkgcIbspSzLfpZMt3WtlLPRN/Zd6R3NpsYBXb8y7FgrevCv
-----END RSA PRIVATE KEY-----

61
docker/secret/ssl.pem
Unescape View File

@ -0,0 +1,61 @@ @@ -0,0 +1,61 @@
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIQCd3UR/8eiz+PnIuPMYAJTzANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzEwHhcNMjMwNzExMDAwMDAwWhcNMjQwNzEwMjM1OTU5WjAe
MRwwGgYDVQQDExNraWNjLmthbmdsYWlsYWIuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAv4FqBfyUlNxtsL1Rv2ybsRPGRpPgUs8kXEQEacxk4zj9
8z53NBO6v547pxZCZQpX0V2g8tel9LSalJfzeU5lFmUWo8fIb/KJL3XIAtE6JDCn
e+2MsgliRyUFizwoQhyjiDoBU38Dh4jPzuldynsrqtkwdoV+mi6vreOYTTvq7mXT
JPvOV2MKbpcPrO4JMTUr5gIiEIWIddnnrlQUCBZtpei6AYxz9LfTdzNC0L+LeUNL
QK0yKWPEzPbyh90XTgBKGx5d5NDwvgK2fVKOUeKyDuMS5pflzlBrez/tsSIJlMyc
f+OlusUgdVpD+ionmwleEbFIX19kwPxJdOhKLKN/owIDAQABo4IC4jCCAt4wHwYD
VR0jBBgwFoAUVXRPsnJP9WC6UNHX5lFcmgGHGtcwHQYDVR0OBBYEFEr7Uu2aYP03
3jwRgau6oHbho1ykMB4GA1UdEQQXMBWCE2tpY2Mua2FuZ2xhaWxhYi5jb20wDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNV
HSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDov
L29jc3AuZGlnaWNlcnQuY29tMEoGCCsGAQUFBzAChj5odHRwOi8vY2FjZXJ0cy5k
aWdpY2VydC5jb20vRW5jcnlwdGlvbkV2ZXJ5d2hlcmVEVlRMU0NBLUcxLmNydDAJ
BgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVc
t520zROiModGfLzs3sNRSFlGcR+1mwAAAYlE6nV/AAAEAwBHMEUCICLfvgTkH5+9
26HHK9OZttW3+ro29cFkRotfJ5L1HFVTAiEA/286k4UJ7NELqGK9h9cA+0RW1urS
a4NpItAnz8ojm2YAdQDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAA
AYlE6nWNAAAEAwBGMEQCHxbjQpt42VdYq3IOGxfkVRuoM888b85dJGT47KYEP2AC
IQCp3jKf9PJSgdXEdb9wESTGVcIRm80JrHUtmR2lMmu+1wB2ADtTd3U+LbmATosw
Wwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABiUTqddkAAAQDAEcwRQIhAMabvTGdsX4y
U9mpZGwNGduN5xNugnaj5AAsGbtlgA6eAiAvWxxbdsBEWjYxkAfJXyYo2ncuJwZC
vJP2qATY/0HaETANBgkqhkiG9w0BAQsFAAOCAQEAnUtijXy1pu+hyTBp9Lgd/lqF
0WF6AWfNZxBvbrLN5a3JxLVcPuk2ioUOGF23l0EwwPPBH9xR1qIPb522YIFWN7Vc
OVgihHFoACaulNk6ykFkGjgTESj4VCeVBkSmknivQaVAyvAN/Tp+5llqAf3KzyYK
gVaqTp/yP918+luSe0V22CcUm88nSDw2Hl3obsMOd0TIfMhQ/oKz4+dI8wkEf+w7
Zax3HXCUpOl1hLiagCRdU01CEqt9SSHLwyisAhUGERbEWv1zJlz/kUZSkQ4ZV3Su
xBsmgJ7VbA/Z27s+YWUe/kel5zGqczCo2c6DYVvcBgkExhd71vG4otnDa8uhCQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc
oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo
lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj
pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h
yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n
wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M
pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf
BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B
SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW
M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV
4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ
sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy
rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg==
-----END CERTIFICATE-----
Write Preview
Loading…
Cancel
Save