
Add HTTPS

Description:

HTTPS must be used for push and the camera to work.

Implementation:

Stop everything

docker-compose down

Adjust the Docker file

Add the nginx container to the docker-compose file:

nano /root/storageboxx/docker-compose.yml

Our new Docker file

version: '3.8'
services:
  web:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: storageboxx_web
    # No host port is published here: nginx reaches this container as web:80
    # on the compose network, and host port 80 is bound by the nginx service.
    volumes:
      - ./html:/var/www/html
    environment:
      - APACHE_DOCUMENT_ROOT=/var/www/html
    depends_on:
      - db

  db:
    image: mariadb:latest
    container_name: storageboxx_db
    restart: always
    environment:
      MYSQL_DATABASE: storageboxx
      MYSQL_USER: user
      MYSQL_PASSWORD: password
      MYSQL_ROOT_PASSWORD: rootpassword
    volumes:
      - ./db_data:/var/lib/mysql

  nginx:
    image: nginx:stable
    container_name: nginx-proxy
    volumes:
      - ./nginx-proxy.conf:/etc/nginx/nginx.conf:ro
      - ./certs/selfsigned.crt:/etc/ssl/certs/selfsigned.crt:ro
      - ./certs/private.key:/etc/ssl/private/private.key:ro
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - web
    restart: unless-stopped

Now create the cert directory

mkdir -p /root/storageboxx/certs

Now create the nginx conf

nano /root/storageboxx/nginx-proxy.conf

Contents

events {
  worker_connections 1024;
}

http {
  # Redirect plain HTTP to HTTPS
  server {
    listen 80;
    return 301 https://$host$request_uri;
  }

  # Terminate TLS and forward to the web container
  server {
    listen 443 ssl;
    ssl_certificate /etc/ssl/certs/selfsigned.crt;
    ssl_certificate_key /etc/ssl/private/private.key;

    location / {
      proxy_pass http://web:80;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      client_max_body_size 100M;
    }
  }
}

Now create the certificate

openssl req -newkey rsa:4096 -x509 -sha256 -days 365000 -nodes -out /root/storageboxx/certs/selfsigned.crt -keyout /root/storageboxx/certs/private.key

Answer the questions.

Now change the Storageboxx config to https

nano /root/storageboxx/html/lib/CORE-Config.php

Old

<?php
// (A) HOST
define("SITE_NAME", "Storage Boxx");
define("HOST_BASE", "http://192.168.178.187/"); // CHANGED BY INSTALLER  # this is the line that matters !!!!!!!
define("HOST_NAME", parse_url(HOST_BASE, PHP_URL_HOST));
define("HOST_BASE_PATH", parse_url(HOST_BASE, PHP_URL_PATH));
define("HOST_ASSETS", HOST_BASE . "assets/");

// (B) API ENDPOINT
define("HOST_API", "api/");

New

<?php
// (A) HOST
define("SITE_NAME", "Storage Boxx");
define("HOST_BASE", "https://192.168.178.187/"); // CHANGED BY INSTALLER
define("HOST_NAME", parse_url(HOST_BASE, PHP_URL_HOST));
define("HOST_BASE_PATH", parse_url(HOST_BASE, PHP_URL_PATH));
define("HOST_ASSETS", HOST_BASE . "assets/");

// (B) API ENDPOINT
define("HOST_API", "api/");
....

Start the container

docker-compose up -d

Now load the page, accept the certificate and log in.
If this error appears:

Auswahl_167.png

Allow notifications in the browser

Auswahl_166.png

 

Push works

Auswahl_168.png

Done.
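
A check for the certificate step above, as an added example that is not part of the original page: it verifies that private.key belongs to selfsigned.crt, that the key is not readable by group or others, and that the certificate lists the server IP in subjectAltName, which browsers such as Chrome match against instead of the CN. The function names and the CERT_DAYS variable are assumptions; make_cert is a non-interactive variant of the page's openssl command.

```sh
#!/bin/sh
# Added example (not from the original page); function names are hypothetical.
# Paths and the IP 192.168.178.187 are the ones used on this page.

# make_cert DIR IP [BITS]: non-interactive variant of the openssl command
# above that also records the IP in subjectAltName. Needs OpenSSL 1.1.1+.
make_cert() {
  mkdir -p "$1" || return 1
  ( umask 077   # private.key is created readable by its owner only
    openssl req -newkey "rsa:${3:-4096}" -x509 -sha256 -nodes \
      -days "${CERT_DAYS:-365000}" \
      -subj "/CN=$2" -addext "subjectAltName=IP:$2" \
      -out "$1/selfsigned.crt" -keyout "$1/private.key" 2>/dev/null )
}

# key_matches_cert CRT KEY: both files must yield the same public key.
key_matches_cert() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null)
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null)
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# cert_covers_ip CRT IP: true only if IP is listed as a subjectAltName.
cert_covers_ip() {
  openssl x509 -in "$1" -noout -checkip "$2" 2>/dev/null |
    grep -q 'does match certificate'
}

# key_is_private KEY: true if neither group nor others can read the key.
key_is_private() {
  [ -z "$(find "$1" \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]
}

# check_pair CRT KEY IP: prints findings, returns the number of failures.
check_pair() {
  fails=0
  key_matches_cert "$1" "$2" || { echo "FAIL: key does not match certificate"; fails=$((fails + 1)); }
  cert_covers_ip "$1" "$3"   || { echo "FAIL: no subjectAltName for IP $3"; fails=$((fails + 1)); }
  key_is_private "$2"        || { echo "FAIL: $2 is readable by group/others"; fails=$((fails + 1)); }
  return "$fails"
}

# Usage: sh check_certs.sh CRT KEY IP
if [ "$#" -eq 3 ]; then check_pair "$@"; fi
```

Run it against /root/storageboxx/certs/selfsigned.crt and /root/storageboxx/certs/private.key before `docker-compose up -d`; a non-zero exit status is the number of failed checks.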