Enable SSL using certificate from Let's Encrypt
This commit is contained in:
parent
a0b37487e9
commit
d5e3ca60af
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"version": 3,
|
"version": 3,
|
||||||
"terraform_version": "0.7.3",
|
"terraform_version": "0.7.3",
|
||||||
"serial": 30,
|
"serial": 31,
|
||||||
"lineage": "deedcad1-a3e9-4e02-9135-c347bbbe0be0",
|
"lineage": "deedcad1-a3e9-4e02-9135-c347bbbe0be0",
|
||||||
"modules": [
|
"modules": [
|
||||||
{
|
{
|
||||||
|
@ -128,7 +128,7 @@
|
||||||
"description": "Infra tusd",
|
"description": "Infra tusd",
|
||||||
"egress.#": "0",
|
"egress.#": "0",
|
||||||
"id": "sg-60cc290d",
|
"id": "sg-60cc290d",
|
||||||
"ingress.#": "3",
|
"ingress.#": "4",
|
||||||
"ingress.2214680975.cidr_blocks.#": "1",
|
"ingress.2214680975.cidr_blocks.#": "1",
|
||||||
"ingress.2214680975.cidr_blocks.0": "0.0.0.0/0",
|
"ingress.2214680975.cidr_blocks.0": "0.0.0.0/0",
|
||||||
"ingress.2214680975.from_port": "80",
|
"ingress.2214680975.from_port": "80",
|
||||||
|
@ -143,6 +143,13 @@
|
||||||
"ingress.2541437006.security_groups.#": "0",
|
"ingress.2541437006.security_groups.#": "0",
|
||||||
"ingress.2541437006.self": "false",
|
"ingress.2541437006.self": "false",
|
||||||
"ingress.2541437006.to_port": "22",
|
"ingress.2541437006.to_port": "22",
|
||||||
|
"ingress.2617001939.cidr_blocks.#": "1",
|
||||||
|
"ingress.2617001939.cidr_blocks.0": "0.0.0.0/0",
|
||||||
|
"ingress.2617001939.from_port": "443",
|
||||||
|
"ingress.2617001939.protocol": "tcp",
|
||||||
|
"ingress.2617001939.security_groups.#": "0",
|
||||||
|
"ingress.2617001939.self": "false",
|
||||||
|
"ingress.2617001939.to_port": "443",
|
||||||
"ingress.516175195.cidr_blocks.#": "1",
|
"ingress.516175195.cidr_blocks.#": "1",
|
||||||
"ingress.516175195.cidr_blocks.0": "0.0.0.0/0",
|
"ingress.516175195.cidr_blocks.0": "0.0.0.0/0",
|
||||||
"ingress.516175195.from_port": "8080",
|
"ingress.516175195.from_port": "8080",
|
||||||
|
|
|
@ -87,6 +87,12 @@ infra resource aws_security_group "fw-tusd-main" {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
to_port = 80
|
to_port = 80
|
||||||
}
|
}
|
||||||
|
ingress {
|
||||||
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
|
from_port = 443
|
||||||
|
protocol = "tcp"
|
||||||
|
to_port = 443
|
||||||
|
}
|
||||||
ingress {
|
ingress {
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
from_port = 22
|
from_port = 22
|
||||||
|
|
|
@ -2,6 +2,12 @@ server {
|
||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
listen [::]:80 default_server ipv6only=on;
|
listen [::]:80 default_server ipv6only=on;
|
||||||
|
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ipv6only=on ssl;
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/master.tus.io/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/master.tus.io/privkey.pem;
|
||||||
|
|
||||||
server_name master.tus.io;
|
server_name master.tus.io;
|
||||||
|
|
||||||
# certbot will place the files required for the HTTP challenge in the
|
# certbot will place the files required for the HTTP challenge in the
|
||||||
|
|
Loading…
Reference in New Issue