From ae98b92944b3419a6586996c1dbcf04a49a0d1ec Mon Sep 17 00:00:00 2001 From: Zsolt Ero Date: Sat, 24 Feb 2024 00:30:01 +0100 Subject: [PATCH] certs --- config/certs/.gitignore | 1 + init-server.py | 11 ++++++++++- scripts/http_host/host_manager.py | 3 --- .../http_host/http_host_lib/templates/nginx_cf.conf | 4 ++-- 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/config/certs/.gitignore b/config/certs/.gitignore index e69de29..72e8ffc 100644 --- a/config/certs/.gitignore +++ b/config/certs/.gitignore @@ -0,0 +1 @@ +* diff --git a/init-server.py b/init-server.py index e0894a7..641f102 100755 --- a/init-server.py +++ b/init-server.py @@ -90,7 +90,7 @@ def prepare_tile_gen(c): def upload_http_host_config(c): - domain_direct = dotenv_values(f'{CONFIG_DIR}/.env').get('DOMAIN_DIRECT1', '').strip() + domain_direct = dotenv_values(f'{CONFIG_DIR}/.env').get('DOMAIN_DIRECT', '').strip() domain_cf = dotenv_values(f'{CONFIG_DIR}/.env').get('DOMAIN_CF', '').strip() skip_planet = ( dotenv_values(f'{CONFIG_DIR}/.env').get('SKIP_PLANET', '').lower().strip() == 'true' @@ -99,6 +99,13 @@ def upload_http_host_config(c): if not (domain_direct or domain_cf): sys.exit('Please specify DOMAIN_DIRECT or DOMAIN_CF in config/.env') + if domain_cf: + if ( + not (CONFIG_DIR / 'certs' / 'cf.key').exists() + or not (CONFIG_DIR / 'certs' / 'cf.cert').exists() + ): + sys.exit('When using DOMAIN_CF, please place cf.key and cf.cert in config/certs') + host_config = { 'domain_direct': domain_direct, 'domain_cf': domain_cf, @@ -106,6 +113,7 @@ def upload_http_host_config(c): } host_config_str = json.dumps(host_config, indent=2, ensure_ascii=False) + print(host_config_str) put_str(c, '/data/ofm/config/http_host.json', host_config_str) @@ -246,6 +254,7 @@ def debug(hostname, user, port): c = get_connection(hostname, user, port) upload_http_host_config(c) + upload_https_host_files(c) run_http_host_sync(c) diff --git a/scripts/http_host/host_manager.py b/scripts/http_host/host_manager.py index 0c32ce8..041ba13 100755 --- a/scripts/http_host/host_manager.py +++ b/scripts/http_host/host_manager.py @@ -10,10 +10,7 @@ import requests from http_host_lib import DEFAULT_ASSETS_DIR, DEFAULT_RUNS_DIR, MNT_DIR from http_host_lib.download_assets import ( download_and_extract_asset_tar_gz, - download_fonts, - download_natural_earth, download_sprites, - download_styles, ) from http_host_lib.download_tileset import download_and_extract_tileset from http_host_lib.mount import clean_up_mounts, create_fstab diff --git a/scripts/http_host/http_host_lib/templates/nginx_cf.conf b/scripts/http_host/http_host_lib/templates/nginx_cf.conf index 6acfa52..b0bb2cf 100644 --- a/scripts/http_host/http_host_lib/templates/nginx_cf.conf +++ b/scripts/http_host/http_host_lib/templates/nginx_cf.conf @@ -9,8 +9,8 @@ server { listen [::]:443 ssl; http2 on; - ssl_certificate /data/nginx/certs/openfreemap.org.cert; - ssl_certificate_key /data/nginx/certs/openfreemap.org.key; + ssl_certificate /data/nginx/certs/cf.cert; + ssl_certificate_key /data/nginx/certs/cf.key; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; # about 40000 sessions ssl_session_tickets off;