Mirrors/dokku
1
0
Fork 0
mirror of https://github.com/dokku/dokku.git synced 2025-12-28 16:06:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #146 from alexanderbeletsky/ssl2

Browse Source 
issue #138: added wildcard support
This commit is contained in:
Jeff Lindsay
2013-08-08 16:51:38 -07:00
parent b515ddbf01 5ef7b00243
commit 2dfa0fac64
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
plugins/nginx-vhosts/post-deploy
View File

@@ -1,6 +1,7 @@
#!/bin/bash
set -e
APP="$1"; PORT="$2"
WILDCARD_SSL="$HOME/ssl"
SSL="$HOME/$APP/ssl"
if [[ -f "$HOME/VHOST" ]]; then
@@ -12,8 +13,14 @@ if [[ -f "$HOME/VHOST" ]]; then
hostname="${APP/\//-}.$VHOST"
fi
# ssl based nginx.conf
if [[ -f "$SSL/server.crt" ]] && [[ -f "$SSL/server.key" ]]; then
SSL_INUSE="$SSL"
elif [[ -f "$WILDCARD_SSL/server.crt" ]] && [[ -f "$WILDCARD_SSL/server.key" ]] && [[ $hostname = `openssl x509 -in $WILDCARD_SSL/server.crt -noout -subject | tr '/' '\n' | grep CN= | cut -c4-` ]]; then
SSL_INUSE="$WILDCARD_SSL"
fi
# ssl based nginx.conf
if [[ -n "$SSL_INUSE" ]]; then
cat<<EOF > $HOME/$APP/nginx.conf
upstream $APP { server 127.0.0.1:$PORT; }
server {
@@ -27,8 +34,8 @@ server {
server_name $hostname;
ssl on;
ssl_certificate $SSL/server.crt;
ssl_certificate_key $SSL/server.key;
ssl_certificate $SSL_INUSE/server.crt;
ssl_certificate_key $SSL_INUSE/server.key;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;