sysadmin/openfreemap
1
0
Fork 0
mirror of https://github.com/hyperknot/openfreemap.git synced 2026-05-21 14:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

dummy.cert

Browse Source
This commit is contained in:
Zsolt Ero
2025-02-28 14:10:09 +01:00
parent 6687311f9a
commit f0f7841bb1
4 changed files with 16 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
init-server.py
View File

@@ -83,6 +83,8 @@ def http_host_autoupdate(hostname, user, port, noninteractive):
prepare_shared(c) prepare_shared(c)
prepare_http_host(c) prepare_http_host(c)
run_http_host_sync(c) # disable for first install if you don't want to wait
put(c, MODULES_DIR / 'http_host' / 'cron.d' / 'ofm_http_host', '/etc/cron.d/') put(c, MODULES_DIR / 'http_host' / 'cron.d' / 'ofm_http_host', '/etc/cron.d/')

2
modules/http_host/http_host_lib/nginx.py
View File

@@ -47,7 +47,7 @@ def write_nginx_config():
direct_key = config.certs_dir / 'ofm_direct.key' direct_key = config.certs_dir / 'ofm_direct.key'
if not direct_cert.is_file() or not direct_key.is_file(): if not direct_cert.is_file() or not direct_key.is_file():
shutil.copyfile(Path('/etc/nginx/ssl/dummy.crt'), direct_cert) shutil.copyfile(Path('/etc/nginx/ssl/dummy.cert'), direct_cert)
shutil.copyfile(Path('/etc/nginx/ssl/dummy.key'), direct_key) shutil.copyfile(Path('/etc/nginx/ssl/dummy.key'), direct_key)
curl_text_mix += create_nginx_conf( curl_text_mix += create_nginx_conf(

2
ssh_lib/assets/nginx/default_disable.conf
View File

@@ -13,7 +13,7 @@ server {
server_name _; server_name _;
ssl_ciphers aNULL; ssl_ciphers aNULL;
ssl_certificate /etc/nginx/ssl/dummy.crt; ssl_certificate /etc/nginx/ssl/dummy.cert;
ssl_certificate_key /etc/nginx/ssl/dummy.key; ssl_certificate_key /etc/nginx/ssl/dummy.key;
return 444; return 444;

20
ssh_lib/nginx.py
View File

@@ -39,14 +39,7 @@ def nginx(c):
c.sudo('mkdir -p /data/nginx/acme-challenges') c.sudo('mkdir -p /data/nginx/acme-challenges')
c.sudo('mkdir -p /data/nginx/certs') c.sudo('mkdir -p /data/nginx/certs')
if not exists(c, '/etc/nginx/ssl/dummy.crt'): generate_self_signed_cert(c)
c.sudo('mkdir -p /etc/nginx/ssl')
c.sudo(
'openssl req -x509 -nodes -days 365 -newkey rsa:2048 '
'-keyout /etc/nginx/ssl/dummy.key -out /etc/nginx/ssl/dummy.crt '
'-subj "/C=US/ST=Dummy/L=Dummy/O=Dummy/CN=example.com"',
hide=True,
)
put(c, f'{ASSETS_DIR}/nginx/nginx.conf', '/etc/nginx/') put(c, f'{ASSETS_DIR}/nginx/nginx.conf', '/etc/nginx/')
put(c, f'{ASSETS_DIR}/nginx/mime.types', '/etc/nginx/') put(c, f'{ASSETS_DIR}/nginx/mime.types', '/etc/nginx/')
@@ -88,3 +81,14 @@ def lego(c):
c.sudo('chmod +x /tmp/lego/lego') c.sudo('chmod +x /tmp/lego/lego')
c.sudo('mv /tmp/lego/lego /usr/local/bin') c.sudo('mv /tmp/lego/lego /usr/local/bin')
c.sudo('rm -rf /tmp/lego*') c.sudo('rm -rf /tmp/lego*')
def generate_self_signed_cert(c):
if not exists(c, '/etc/nginx/ssl/dummy.cert'):
c.sudo('mkdir -p /etc/nginx/ssl')
c.sudo(
'openssl req -x509 -nodes -days 365 -newkey rsa:2048 '
'-keyout /etc/nginx/ssl/dummy.key -out /etc/nginx/ssl/dummy.cert '
'-subj "/C=US/ST=Dummy/L=Dummy/O=Dummy/CN=example.com"',
hide=True,
)