SSL本番環境状態

docker-compose.yml

@@ -12,17 +12,17 @@ services:
       - 443:443
     volumes:
       - ./backend:/work
-      # - /etc/letsencrypt/live/kikikan.xyz:/etc/letsencrypt/live/kikikan.xyz
-      # - /etc/letsencrypt/archive/kikikan.xyz:/etc/letsencrypt/archive/kikikan.xyz
+      - /etc/letsencrypt/live/kikikan.xyz:/etc/letsencrypt/live/kikikan.xyz
+      - /etc/letsencrypt/archive/kikikan.xyz:/etc/letsencrypt/archive/kikikan.xyz
       - ./infra/nginx/default.conf:/etc/nginx/conf.d/default.conf
     working_dir: /work
 
-  # certbot:
-  #   image: certbot/certbot:v1.7.0
-  #   volumes:
-  #     - ./backend:/work
-  #     - /etc/letsencrypt:/etc/letsencrypt
-  #   command: ["--version"]
+  certbot:
+    image: certbot/certbot:v1.7.0
+    volumes:
+      - ./backend:/work
+      - /etc/letsencrypt:/etc/letsencrypt
+    command: ["--version"]
 
   db:
     build: ./infra/mysql

infra/nginx/default.conf

@@ -1,18 +1,18 @@
 server {
     listen 80;
-    # listen 443 ssl;
+    listen 443 ssl;
     server_name kikikan.xyz;
     root /work/public;
 
 	# Redirect to HTTPS
-    # return 301 https://$host$request_uri;
+    return 301 https://$host$request_uri;
 
 	# SSL化
-    # ssl_certificate /etc/letsencrypt/live/kikikan.xyz/fullchain.pem;
-    # ssl_certificate_key /etc/letsencrypt/live/kikikan.xyz/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/kikikan.xyz/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/kikikan.xyz/privkey.pem;
 
-	# access_log /var/log/nginx/ssl-access.log;
-	# error_log /var/log/nginx/ssl-error.log;
+	access_log /var/log/nginx/ssl-access.log;
+	error_log /var/log/nginx/ssl-error.log;
 
     add_header X-Frame-Options "SAMEORIGIN";
     add_header X-XSS-Protection "1; mode=block";