강동현
Builds for 1 pipeline failed in 1 minute 15 seconds

인증서 파일을 환경변수를 사용하도록 변경

......@@ -10,11 +10,20 @@ services:
- "3000:3000"
volumes:
- /etc/letsencrypt:/etc/letsencrypt
environment:
- SSL_CERT={SSL_CERT}
- SSL_KEY={SSL_KEY}
- SSL_CA={SSL_CA}
web:
build:
context: .
dockerfile: ./web/Dockerfile
args:
- HOST={HOST}
- SSL_CERT={SSL_CERT}
- SSL_KEY={SSL_KEY}
- SSL_CA={SSL_CA}
restart: unless-stopped
ports:
- "443:443"
......
......@@ -23,15 +23,9 @@ export class Server {
} else {
server = createServerHttps(
{
cert: readFileSync(
"/etc/letsencrypt/live/2020105578.oss2021.tk/cert.pem"
),
key: readFileSync(
"/etc/letsencrypt/live/2020105578.oss2021.tk/privkey.pem"
),
ca: readFileSync(
"/etc/letsencrypt/live/2020105578.oss2021.tk/fullchain.pem"
),
cert: readFileSync(process.env.SSL_CERT as string),
key: readFileSync(process.env.SSL_KEY as string),
ca: readFileSync(process.env.SSL_CA as string),
},
app
);
......
......@@ -16,7 +16,18 @@ RUN yarn build
FROM nginx:latest
COPY web/default.conf /etc/nginx/conf.d/default.conf
ARG HOST
ENV HOST ${HOST}
ARG SSL_CERT
ENV SSL_CERT ${SSL_CERT}
ARG SSL_KEY
ENV SSL_KEY ${SSL_KEY}}
ARG SSL_CA
ENV SSL_CA ${SSL_CA}}
COPY web/default.conf /etc/nginx/conf.d/default_temp
RUN envsubst < /etc/nginx/conf.d/default_temp > /etc/nginx/conf.d/default.conf
COPY --from=build /usr/web/build /usr/web/build
EXPOSE 443
......
......@@ -5,10 +5,10 @@ server {
server {
listen 443 ssl default_server;
server_name 2020105578.oss2021.tk;
server_name $HOST;
ssl_certificate /etc/letsencrypt/live/2020105578.oss2021.tk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020105578.oss2021.tk/privkey.pem;
ssl_certificate $SSL_CA;
ssl_certificate_key $SSL_KEY;
location / {
root /usr/web/build;
......