Enable SSL using certificate from Let's Encrypt

Marius 2016-11-04 19:51:44 +01:00
parent a0b37487e9
commit d5e3ca60af
3 changed files with 21 additions and 2 deletions


@ -1,7 +1,7 @@
{ {
"version": 3, "version": 3,
"terraform_version": "0.7.3", "terraform_version": "0.7.3",
"serial": 30, "serial": 31,
"lineage": "deedcad1-a3e9-4e02-9135-c347bbbe0be0", "lineage": "deedcad1-a3e9-4e02-9135-c347bbbe0be0",
"modules": [ "modules": [
{ {
@ -128,7 +128,7 @@
"description": "Infra tusd", "description": "Infra tusd",
"egress.#": "0", "egress.#": "0",
"id": "sg-60cc290d", "id": "sg-60cc290d",
"ingress.#": "3", "ingress.#": "4",
"ingress.2214680975.cidr_blocks.#": "1", "ingress.2214680975.cidr_blocks.#": "1",
"ingress.2214680975.cidr_blocks.0": "0.0.0.0/0", "ingress.2214680975.cidr_blocks.0": "0.0.0.0/0",
"ingress.2214680975.from_port": "80", "ingress.2214680975.from_port": "80",
@ -143,6 +143,13 @@
"ingress.2541437006.security_groups.#": "0", "ingress.2541437006.security_groups.#": "0",
"ingress.2541437006.self": "false", "ingress.2541437006.self": "false",
"ingress.2541437006.to_port": "22", "ingress.2541437006.to_port": "22",
"ingress.2617001939.cidr_blocks.#": "1",
"ingress.2617001939.cidr_blocks.0": "0.0.0.0/0",
"ingress.2617001939.from_port": "443",
"ingress.2617001939.protocol": "tcp",
"ingress.2617001939.security_groups.#": "0",
"ingress.2617001939.self": "false",
"ingress.2617001939.to_port": "443",
"ingress.516175195.cidr_blocks.#": "1", "ingress.516175195.cidr_blocks.#": "1",
"ingress.516175195.cidr_blocks.0": "0.0.0.0/0", "ingress.516175195.cidr_blocks.0": "0.0.0.0/0",
"ingress.516175195.from_port": "8080", "ingress.516175195.from_port": "8080",


@ -87,6 +87,12 @@ infra resource aws_security_group "fw-tusd-main" {
protocol = "tcp" protocol = "tcp"
to_port = 80 to_port = 80
} }
ingress {
cidr_blocks = ["0.0.0.0/0"]
from_port = 443
protocol = "tcp"
to_port = 443
}
ingress { ingress {
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
from_port = 22 from_port = 22
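Review bot: Opening 443 to `0.0.0.0/0` does not by itself make uploads encrypted, because the plaintext rules stay world-open: port 80 in this hunk's context and, per the state file in this commit, port 8080. If 8080 is the tusd backend that nginx proxies to (not visible here, so an assumption), clients can still reach it directly without TLS; consider limiting that rule to the proxy host or removing it. A one-line comment on the new block, e.g. `# HTTPS, TLS terminated by nginx with the Let's Encrypt certificate`, would record why this rule is intentionally public. The port 22 ingress block that follows continues outside the hunk.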


@ -2,6 +2,12 @@ server {
listen 80 default_server; listen 80 default_server;
listen [::]:80 default_server ipv6only=on; listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
ssl_certificate /etc/letsencrypt/live/master.tus.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/master.tus.io/privkey.pem;
server_name master.tus.io; server_name master.tus.io;
# certbot will place the files required for the HTTP challenge in the # certbot will place the files required for the HTTP challenge in the
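Review bot: The added `listen 443 ssl` lines set a certificate and key but no `ssl_protocols`, so unless that is set in an enclosing `http` block not shown here, the server falls back to nginx's built-in default, which on releases of this period still includes TLSv1 and TLSv1.1. I would add `ssl_protocols TLSv1.2;` after `ssl_certificate_key` (plus `TLSv1.3` where the nginx and OpenSSL build supports it). The same server block keeps serving port 80, so nothing moves clients to HTTPS; putting the port-80 listeners in a separate server that answers only the certbot challenge path and otherwise does `return 301 https://$host$request_uri;` would close that gap. The server block continues outside the hunk.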