SSL本番環境状態
このコミットが含まれているのは:
コミット
01cb3927f7
|
@ -12,17 +12,17 @@ services:
|
|||
- 443:443
|
||||
volumes:
|
||||
- ./backend:/work
|
||||
# - /etc/letsencrypt/live/kikikan.xyz:/etc/letsencrypt/live/kikikan.xyz
|
||||
# - /etc/letsencrypt/archive/kikikan.xyz:/etc/letsencrypt/archive/kikikan.xyz
|
||||
- /etc/letsencrypt/live/kikikan.xyz:/etc/letsencrypt/live/kikikan.xyz
|
||||
- /etc/letsencrypt/archive/kikikan.xyz:/etc/letsencrypt/archive/kikikan.xyz
|
||||
- ./infra/nginx/default.conf:/etc/nginx/conf.d/default.conf
|
||||
working_dir: /work
|
||||
|
||||
# certbot:
|
||||
# image: certbot/certbot:v1.7.0
|
||||
# volumes:
|
||||
# - ./backend:/work
|
||||
# - /etc/letsencrypt:/etc/letsencrypt
|
||||
# command: ["--version"]
|
||||
certbot:
|
||||
image: certbot/certbot:v1.7.0
|
||||
volumes:
|
||||
- ./backend:/work
|
||||
- /etc/letsencrypt:/etc/letsencrypt
|
||||
command: ["--version"]
|
||||
|
||||
db:
|
||||
build: ./infra/mysql
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
server {
|
||||
listen 80;
|
||||
# listen 443 ssl;
|
||||
listen 443 ssl;
|
||||
server_name kikikan.xyz;
|
||||
root /work/public;
|
||||
|
||||
# Redirect to HTTPS
|
||||
# return 301 https://$host$request_uri;
|
||||
return 301 https://$host$request_uri;
|
||||
|
||||
# SSL化
|
||||
# ssl_certificate /etc/letsencrypt/live/kikikan.xyz/fullchain.pem;
|
||||
# ssl_certificate_key /etc/letsencrypt/live/kikikan.xyz/privkey.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/kikikan.xyz/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/kikikan.xyz/privkey.pem;
|
||||
|
||||
# access_log /var/log/nginx/ssl-access.log;
|
||||
# error_log /var/log/nginx/ssl-error.log;
|
||||
access_log /var/log/nginx/ssl-access.log;
|
||||
error_log /var/log/nginx/ssl-error.log;
|
||||
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
|
新しいイシューから参照