Compare commits
8 Commits
c89810a730
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| ffc43c131d | |||
| 36ba5b0051 | |||
| 4f12d299b1 | |||
| 47081c0f11 | |||
| 7c2acd0bab | |||
| 84e7c7866f | |||
| 9180bfb719 | |||
| 6921374d9f |
2
back
2
back
Submodule back updated: 812e30a2f8...34ac2a0a69
@ -1 +0,0 @@
|
|||||||
{"creation_dt": "2025-08-05T20:24:46Z", "creation_host": "edf84aa6d82d"}
|
|
||||||
@ -1 +0,0 @@
|
|||||||
{"n": "r0mKQfjcOQihaqfa4-Wm4khM784ibZXr_VppAfM2uVWzRwZILGPItEnh8j5Q1V1S1ASq8wWJYDGxSKVSHjBwWcp1ngyKyW73wmMdkjowVtzK7kwpiPN7rAwVlzkBpRIHxXesyarLMW3T68_gTU0Czg5e2M3vvaoY3ybGFByBeK6clVlwTwzB7XgGe8mgqXraC-daa9hSgnsO-7lm-HmT0DtFG23G45SA29ec_pjVRWh7sRTZtAWnwzHPBXUxC2yG7wZWUDK8QN1JyFEDS1ydHxgCZncsbuZyFMYMsMORGfdE176BgqEyDUo2azb_s3mR_eZcKIK-7Bo65pjNHOXi4Q", "e": "AQAB", "d": "U1VeApFCeWbt_pvAh7olhcyjrxpL6ddtsywpYgDz0la4_Zox89CYmYXKgnU3zsgoWZ3Ce_j036OgSg42pR2YPEfxdOs3jB5ScbrXUy6Qzqr3WyUgVfiToi64kQVMD-MriKiln9av9VbmemSAmZ90JuxUETSOtpfIbUaswuDueKWXs1ztJ-xSa4VsuevFnpnMv1PgRFwx2IwZVqSTPPqQmXFz8MumWz-vj3tVvTDOiX1-qJR2hoea3U5tmcRVryvb03r9hUKv8AI3FstYAyiFnkzASJsqWtSnBYymaIjVHSv41uQvlFUVziH060z1flhP1LxG_rEhnGcy-A9fN_ebpQ", "p": "8TIgvidkLYZ-gMkf96i7K0_-2j0nCXA4yoGG7-bf0A5Brj7eS7gb8OnIpR9MUHPGoWX3XqmA3Zq4iF3u3DZ2DomSnToTMSwIaqrlE9RDrf4UXkolzo7DaBOlA3PqDaKAE3PbEISybBkWNeJKADBVfsquhW_6O613XgKaYblfyCM", "q": "ugvNLeuqkLTE84yM_Q_4bCnMUlUofO-JXYolXnsHDh_wGJ0dzAuQ7PZuNA2vO8fHy4k7BJWlliYQXGKjdpS2wHGOb0al2yMDCfrml5pCaZ8NM0E0vavSmen2GwAJqBh3XYnOoinDE7iJhtbAxUefXqBwQ2qhzOizrcqxTC4Ndys", "dp": "QsOqdph2zXdGOyXxOF-3d7TMCeMVlDJBNiUGkg-pcnEP00jJxdHvwg8koDh6qmZx3ClagRSQfEcgv3ao8MIOidWhBO6Xc2wJ5GTrxkJifZ4wSy1hK70u7_dIHR2P8zhBFaFjST5CGVQUZtP9wfGfKNq31m35qV1KBnbX_ycOEVs", "dq": "MbltwVQ3Zi2qZh2uoQRftSkGvwqbo6ix4hpGGpZvMEtA9JMpn5uHxI2orqjpqOSgdbnb2EHW2-aYgNisL8lXft_a3crYEVWuPkCc2PAVx_0GnihTXE5MH270pArCifbgEFQAsj7PMLolp7BGHXQjGDtxRdN-IzIes9h0wpOcbbk", "qi": "Y_UZbVHFF58ifKFyDPWH-1y-iPZ99a4pJIPbButifb7DGPMqol0hJgDgwXmOzCWTi8fDajTFDJ655MsC1MHJT5iuaDEgFNTrDhh0aRI8iLESeT2QwvRPQ57Rygnxf4qseYEdgJEATY8FudtV66iQPbLndnQwAwKDtN2MaYo8Qzs", "kty": "RSA"}
|
|
||||||
@ -1 +0,0 @@
|
|||||||
{"body": {}, "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/218539213"}
|
|
||||||
@ -1 +0,0 @@
|
|||||||
{"creation_dt": "2025-08-05T20:29:16Z", "creation_host": "199ca2f29a59"}
|
|
||||||
@ -1 +0,0 @@
|
|||||||
{"n": "r6KTLbG0PUsj0vIZ0W3l-kicz-hAXWuu-Fw0wbIfY2Dr6M-kedsgkWBaQfT-Z9263rhKPkpARPRzlHj71gGCxsbD8jqHJe2PFc4Tesx-T_-PxAoCTeN76ZR7PNOKpWY4dP2IHcBzDLe70woOPfLQ54o5J46QWVsqMPGPZUHwcI4MT9efVNvddXQS86co2UqEZEVMybbQh5DOY06Ds8eBzM8DCR2GHh2qh4lyNGQVE5pvkpr1PMWthU257VwK1KYaoADjOtX5Cr24VQEjBP8qIe_ptmXTWEzoRZuy_ED0baudrigbWQCUULhLfQhz6BfCis3MK35vtbrzFHw9OndF_w", "e": "AQAB", "d": "P3ls4XW4ovI19zWh2QtzsvltGsJgCKMzL_T66Am8yEit2Yy5b4SfB4sf83hcPSNoNre5tTtWcNU7tCvpL9WJ8tbA2BkI4M8zB_lbFuUyvSyqQ3oujQGqtacAxuHY2J_RxY4fFEmKCs2YJtQag47uqs9Mipw-VNzaqaeTYE_tWm-Ri4OaZODtF-h68jQADfcqK3k3bsM4NVpl-KNIlBtXG5t4ONP2RehuPfENZmxGjOK5BvbxKO0H_u7AnrRzgaiZ7WZ7wsO9mZLxYVj4c0NMK4qPsrb70vhZhDkImORr-y72UmQKd6blbS46u8HSnuV1SQXmVxS0dPAWII7muAhcsQ", "p": "7Vl1hLHLhPzjllUAGTpHx11U4T5UowM1pP1mqPKFv1EVf9jHjJTIhYu-w2xuNX267FFjSJnW_CGAgalnRGFaom-uRwEDU9mpQKt8U3BdvrOhK2_8XQkzMi75-E7BuLtMzU2uBHivWttlwIWem2hZF2fePjlsp7JCHHnc189I42c", "q": "vW-qA6GXJl1JzPO_q1REcSTzQ4VNVBYijc8UqhGvG3WtK8QmusXSAMKZwngWw5bwsDuABnp2lB7pKifHDYasX1cGCnhdylOQaMlYmy2mTOjK8QSie2wC6SyT80WgeIVHHcBVdfZRy-QzNbhA0sB8rjNtdYeB99APkAGrvIwEQak", "dp": "4etuFfFaZGqGgvjDkD_ORPEMsx2uWD_c1wAwsI2wS0v15-xC_Qg92ggLe16BhL75pqlNlLSCUxnchQ7nccotCEK_o2xOa4jaNulD_PQO909qELuWfkQcjB705qqocJsv3pebFTx-xT_imZ9WOlzXuJSwkY_9YZ4mmY5RbMYsfe8", "dq": "rztuymMcnXln_jVvlH2jvgHPISNa77B2EDWBSPyIvV7ybGzK4rSA2QEqGHDbpdunE25GtDduHwAk8UDQaZutMZgfV2oWYEVCbRvrYcgtcDFbIO4HmyHD44u_5CYBFds7eLLkmvTanz-de1DQbeNusfmShEhwGhsVekGBai0e9tk", "qi": "e-OfifcVlprUzFLkVfMyN4K2XEMyB_SZ4VdKLfJo7uJSSjKEJi5WojuueTrz2e1X4dgvI2G_vJQTtELIDDj6PiFozfyLfV2BUgQxUbVtgK5FxQlyP-e-w1R0QhTAV6oQURs3_SD4XHk63Nc3_E6BnkDvrLAnryWvSr9eXqfJ0JQ", "kty": "RSA"}
|
|
||||||
@ -1 +0,0 @@
|
|||||||
{"body": {}, "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/2576340237"}
|
|
||||||
@ -1,21 +0,0 @@
|
|||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDiTCCAw6gAwIBAgISBb5NyhTx/b9ThTkfOJtR6JGMMAoGCCqGSM49BAMDMDIx
|
|
||||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
|
||||||
NTAeFw0yNTA4MDUxOTMwNTJaFw0yNTExMDMxOTMwNTFaMBkxFzAVBgNVBAMTDmNy
|
|
||||||
bS5sb2dpZGV4LnJ1MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETCK6vK2xx+uP
|
|
||||||
hxTsV6cfySoO+BCsP16zGmYJj3orNbECitLgCOlBiIhwjWDnbARjhcFRKV5O+UOz
|
|
||||||
VVhoLpJjjqOCAhswggIXMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEF
|
|
||||||
BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUwl/Mr4tK07P6
|
|
||||||
LiaLSBCl2tSTrxUwHwYDVR0jBBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wMgYI
|
|
||||||
KwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZodHRwOi8vZTUuaS5sZW5jci5vcmcv
|
|
||||||
MBkGA1UdEQQSMBCCDmNybS5sb2dpZGV4LnJ1MBMGA1UdIAQMMAowCAYGZ4EMAQIB
|
|
||||||
MC0GA1UdHwQmMCQwIqAgoB6GHGh0dHA6Ly9lNS5jLmxlbmNyLm9yZy8xMy5jcmww
|
|
||||||
ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeI
|
|
||||||
nG0wBYTr5YYmOgAAAZh77KQsAAAEAwBHMEUCICzRYI2vCPEpWYP49reW+4fOlGR0
|
|
||||||
OHxHzZDFSBaJiMQCAiEA/ZYHrNUjn0QLqY9uiYOwnYNxrUSh3GalwterkZOd6GgA
|
|
||||||
dQDtPEvW6AbCpKIAV9vLJOI4Ad9RL+3EhsVwDyDdtz4/4AAAAZh77Kv8AAAEAwBG
|
|
||||||
MEQCIFpQNB2XRUh7fIu0dtP+IcMpkAwd47iNxQ3vd7tEVtriAiA1sAWJH+0UlgHN
|
|
||||||
hjCNchJEjfkk3pnqtrNz0k3toIjNPzAKBggqhkjOPQQDAwNpADBmAjEApGgz48k6
|
|
||||||
SPJrueSnFKb1MBPSfeMArQ8XM2kW5WVOKaBMnFZV+qlVQlehbNVgCbIGAjEA09Mf
|
|
||||||
10KRlX4bSosofDWsrKWaxwyi9w3yt0GkpdifCBGGQDMQSmcf1q9qS5XXZcQ3
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
@ -1,26 +0,0 @@
|
|||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
|
||||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
|
||||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
|
||||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
|
||||||
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
|
||||||
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
|
||||||
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
|
||||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
|
||||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
|
||||||
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
|
||||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
|
||||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
|
||||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
|
||||||
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
|
||||||
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
|
||||||
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
|
||||||
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
|
||||||
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
|
||||||
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
|
||||||
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
|
||||||
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
|
||||||
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
|
||||||
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
|
||||||
VQD9F6Na/+zmXCc=
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
@ -1,47 +0,0 @@
|
|||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDiTCCAw6gAwIBAgISBb5NyhTx/b9ThTkfOJtR6JGMMAoGCCqGSM49BAMDMDIx
|
|
||||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
|
||||||
NTAeFw0yNTA4MDUxOTMwNTJaFw0yNTExMDMxOTMwNTFaMBkxFzAVBgNVBAMTDmNy
|
|
||||||
bS5sb2dpZGV4LnJ1MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETCK6vK2xx+uP
|
|
||||||
hxTsV6cfySoO+BCsP16zGmYJj3orNbECitLgCOlBiIhwjWDnbARjhcFRKV5O+UOz
|
|
||||||
VVhoLpJjjqOCAhswggIXMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEF
|
|
||||||
BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUwl/Mr4tK07P6
|
|
||||||
LiaLSBCl2tSTrxUwHwYDVR0jBBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wMgYI
|
|
||||||
KwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZodHRwOi8vZTUuaS5sZW5jci5vcmcv
|
|
||||||
MBkGA1UdEQQSMBCCDmNybS5sb2dpZGV4LnJ1MBMGA1UdIAQMMAowCAYGZ4EMAQIB
|
|
||||||
MC0GA1UdHwQmMCQwIqAgoB6GHGh0dHA6Ly9lNS5jLmxlbmNyLm9yZy8xMy5jcmww
|
|
||||||
ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeI
|
|
||||||
nG0wBYTr5YYmOgAAAZh77KQsAAAEAwBHMEUCICzRYI2vCPEpWYP49reW+4fOlGR0
|
|
||||||
OHxHzZDFSBaJiMQCAiEA/ZYHrNUjn0QLqY9uiYOwnYNxrUSh3GalwterkZOd6GgA
|
|
||||||
dQDtPEvW6AbCpKIAV9vLJOI4Ad9RL+3EhsVwDyDdtz4/4AAAAZh77Kv8AAAEAwBG
|
|
||||||
MEQCIFpQNB2XRUh7fIu0dtP+IcMpkAwd47iNxQ3vd7tEVtriAiA1sAWJH+0UlgHN
|
|
||||||
hjCNchJEjfkk3pnqtrNz0k3toIjNPzAKBggqhkjOPQQDAwNpADBmAjEApGgz48k6
|
|
||||||
SPJrueSnFKb1MBPSfeMArQ8XM2kW5WVOKaBMnFZV+qlVQlehbNVgCbIGAjEA09Mf
|
|
||||||
10KRlX4bSosofDWsrKWaxwyi9w3yt0GkpdifCBGGQDMQSmcf1q9qS5XXZcQ3
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
|
||||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
|
||||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
|
||||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
|
||||||
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
|
||||||
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
|
||||||
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
|
||||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
|
||||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
|
||||||
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
|
||||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
|
||||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
|
||||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
|
||||||
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
|
||||||
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
|
||||||
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
|
||||||
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
|
||||||
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
|
||||||
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
|
||||||
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
|
||||||
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
|
||||||
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
|
||||||
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
|
||||||
VQD9F6Na/+zmXCc=
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
-----BEGIN PRIVATE KEY-----
|
|
||||||
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgFkXdlflm1jVVUGrf
|
|
||||||
FEk7FnCClt6cGJ+1FYxBJyKRUomhRANCAARMIrq8rbHH64+HFOxXpx/JKg74EKw/
|
|
||||||
XrMaZgmPeis1sQKK0uAI6UGIiHCNYOdsBGOFwVEpXk75Q7NVWGgukmOO
|
|
||||||
-----END PRIVATE KEY-----
|
|
||||||
@ -1,14 +0,0 @@
|
|||||||
This directory contains your keys and certificates.
|
|
||||||
|
|
||||||
`[cert name]/privkey.pem` : the private key for your certificate.
|
|
||||||
`[cert name]/fullchain.pem`: the certificate file used in most server software.
|
|
||||||
`[cert name]/chain.pem` : used for OCSP stapling in Nginx >=1.3.7.
|
|
||||||
`[cert name]/cert.pem` : will break many server configurations, and should not be used
|
|
||||||
without reading further documentation (see link below).
|
|
||||||
|
|
||||||
WARNING: DO NOT MOVE OR RENAME THESE FILES!
|
|
||||||
Certbot expects these files to remain in this location in order
|
|
||||||
to function properly!
|
|
||||||
|
|
||||||
We recommend not moving these files. For more information, see the Certbot
|
|
||||||
User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
|
|
||||||
@ -1,14 +0,0 @@
|
|||||||
This directory contains your keys and certificates.
|
|
||||||
|
|
||||||
`privkey.pem` : the private key for your certificate.
|
|
||||||
`fullchain.pem`: the certificate file used in most server software.
|
|
||||||
`chain.pem` : used for OCSP stapling in Nginx >=1.3.7.
|
|
||||||
`cert.pem` : will break many server configurations, and should not be used
|
|
||||||
without reading further documentation (see link below).
|
|
||||||
|
|
||||||
WARNING: DO NOT MOVE OR RENAME THESE FILES!
|
|
||||||
Certbot expects these files to remain in this location in order
|
|
||||||
to function properly!
|
|
||||||
|
|
||||||
We recommend not moving these files. For more information, see the Certbot
|
|
||||||
User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
|
|
||||||
@ -1 +0,0 @@
|
|||||||
../../archive/crm.logidex.ru/cert1.pem
|
|
||||||
@ -1 +0,0 @@
|
|||||||
../../archive/crm.logidex.ru/chain1.pem
|
|
||||||
@ -1,8 +0,0 @@
|
|||||||
-----BEGIN DH PARAMETERS-----
|
|
||||||
MIIBDAKCAQEAv+baak1aR8Bh/ucy3ANvcUVDrvvXtGyYKzCU+2yljE8+/ZWBQBex
|
|
||||||
66SqN3JDiI3CkjRmFlgIXft+E2flQjdDy7LTa1E86krfZMGkt6bNVT7Dx/zMNBr1
|
|
||||||
qsdoIvnL+JELsRMMOporRc25Tw6g7aFFirNqgBApCJASw24YA7uJYPtxL9tEmWzz
|
|
||||||
nO0E9/3JNPXipAHG64aBm+jJWe49y3TSplwlACqGtv+aqoZBwrkstthEdQHJH49I
|
|
||||||
Zzwh3pAcQldh6+OCPfOxP9wAirLVoDQ1QRHcuhsh14jlMC2IclcbT4Sk428UD10n
|
|
||||||
o58CUTipyDRyZacsL3J8rkHwjVGCnuj2dwIBAgICAOE=
|
|
||||||
-----END DH PARAMETERS-----
|
|
||||||
@ -1 +0,0 @@
|
|||||||
../../archive/crm.logidex.ru/fullchain1.pem
|
|
||||||
@ -1 +0,0 @@
|
|||||||
../../archive/crm.logidex.ru/privkey1.pem
|
|
||||||
@ -1,17 +0,0 @@
|
|||||||
# renew_before_expiry = 30 days
|
|
||||||
version = 4.0.0
|
|
||||||
archive_dir = /etc/letsencrypt/archive/crm.logidex.ru
|
|
||||||
cert = /etc/letsencrypt/live/crm.logidex.ru/cert.pem
|
|
||||||
privkey = /etc/letsencrypt/live/crm.logidex.ru/privkey.pem
|
|
||||||
chain = /etc/letsencrypt/live/crm.logidex.ru/chain.pem
|
|
||||||
fullchain = /etc/letsencrypt/live/crm.logidex.ru/fullchain.pem
|
|
||||||
|
|
||||||
# Options used in the renewal process
|
|
||||||
[renewalparams]
|
|
||||||
account = 0d61127dc0ee95f4a384f309b2f6dc6b
|
|
||||||
authenticator = webroot
|
|
||||||
webroot_path = /var/www/certbot,
|
|
||||||
server = https://acme-v02.api.letsencrypt.org/directory
|
|
||||||
key_type = ecdsa
|
|
||||||
[[webroot_map]]
|
|
||||||
crm.logidex.ru = /var/www/certbot
|
|
||||||
121
config/nginx/nginx-ssl.conf
Normal file
121
config/nginx/nginx-ssl.conf
Normal file
@ -0,0 +1,121 @@
|
|||||||
|
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=7d use_temp_path=off;
|
||||||
|
|
||||||
|
upstream backend
|
||||||
|
{
|
||||||
|
server unix:/app/run/socket0.sock;
|
||||||
|
server unix:/app/run/socket1.sock;
|
||||||
|
server unix:/app/run/socket2.sock;
|
||||||
|
server unix:/app/run/socket3.sock;
|
||||||
|
}
|
||||||
|
|
||||||
|
upstream frontend
|
||||||
|
{
|
||||||
|
server front:3000;
|
||||||
|
}
|
||||||
|
|
||||||
|
server
|
||||||
|
{
|
||||||
|
listen 443 ssl http2; # managed by Certbot
|
||||||
|
|
||||||
|
server_tokens off;
|
||||||
|
server_name crm.logidex.ru www.crm.logidex.ru;
|
||||||
|
gzip on;
|
||||||
|
gzip_proxied any;
|
||||||
|
gzip_comp_level 4;
|
||||||
|
gzip_types text/css application/javascript image/svg+xml application/json text/plain text/xml;
|
||||||
|
|
||||||
|
|
||||||
|
ssl_certificate /var/www/certbot/live/crm.logidex.ru/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /var/www/certbot/live/crm.logidex.ru/privkey.pem; # managed by Certbot
|
||||||
|
|
||||||
|
# Temp disable for testing
|
||||||
|
# add_header Strict-Transport-Security "max-age=0" always;
|
||||||
|
|
||||||
|
|
||||||
|
# intermediate configuration
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ecdh_curve X25519:prime256v1:secp384r1;
|
||||||
|
ssl_session_cache shared:le_nginx_SSL:10m;
|
||||||
|
ssl_session_timeout 1440m;
|
||||||
|
ssl_session_tickets off;
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
|
||||||
|
|
||||||
|
ssl_dhparam /var/www/certbot/live/crm.logidex.ru/dhparam.pem; # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
# OCSP stapling
|
||||||
|
ssl_stapling on;
|
||||||
|
ssl_stapling_verify on;
|
||||||
|
|
||||||
|
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||||||
|
ssl_trusted_certificate /var/www/certbot/live/crm.logidex.ru/fullchain.pem;
|
||||||
|
|
||||||
|
# replace with the IP address of your resolver;
|
||||||
|
# async 'resolver' is important for proper operation of OCSP stapling
|
||||||
|
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
||||||
|
resolver_timeout 5s;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Общие proxy_set_header, унаследованные всеми location
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
|
||||||
|
|
||||||
|
location /api
|
||||||
|
{
|
||||||
|
proxy_pass http://backend;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /
|
||||||
|
{
|
||||||
|
proxy_pass http://frontend;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /_next/webpack-hmr
|
||||||
|
{
|
||||||
|
proxy_pass http://frontend;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /_next/static
|
||||||
|
{
|
||||||
|
proxy_cache STATIC;
|
||||||
|
proxy_pass http://frontend;
|
||||||
|
add_header X-Cache-Status $upstream_cache_status;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection 'upgrade';
|
||||||
|
proxy_cache_bypass $http_upgrade;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /static
|
||||||
|
{
|
||||||
|
proxy_cache STATIC;
|
||||||
|
proxy_ignore_headers Cache-Control;
|
||||||
|
proxy_cache_valid 60m;
|
||||||
|
proxy_pass http://frontend;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /.well-known/acme-challenge/ {
|
||||||
|
root /var/www/certbot;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = crm.logidex.ru) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
server_name git.logidex.ru;
|
||||||
|
listen 80;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
@ -15,9 +15,8 @@ upstream frontend
|
|||||||
|
|
||||||
server
|
server
|
||||||
{
|
{
|
||||||
listen 443 ssl http2; # managed by Certbot
|
listen 80; # managed by Certbot
|
||||||
|
|
||||||
server_tokens off;
|
|
||||||
server_name crm.logidex.ru www.crm.logidex.ru;
|
server_name crm.logidex.ru www.crm.logidex.ru;
|
||||||
gzip on;
|
gzip on;
|
||||||
gzip_proxied any;
|
gzip_proxied any;
|
||||||
@ -25,40 +24,6 @@ server
|
|||||||
gzip_types text/css application/javascript image/svg+xml application/json text/plain text/xml;
|
gzip_types text/css application/javascript image/svg+xml application/json text/plain text/xml;
|
||||||
|
|
||||||
|
|
||||||
ssl_certificate /var/www/certbot/live/crm.logidex.ru/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /var/www/certbot/live/crm.logidex.ru/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
# Temp disable for testing
|
|
||||||
# add_header Strict-Transport-Security "max-age=0" always;
|
|
||||||
|
|
||||||
|
|
||||||
# intermediate configuration
|
|
||||||
ssl_protocols TLSv1.2 TLSv1.3;
|
|
||||||
ssl_ecdh_curve X25519:prime256v1:secp384r1;
|
|
||||||
ssl_session_cache shared:le_nginx_SSL:10m;
|
|
||||||
ssl_session_timeout 1440m;
|
|
||||||
ssl_session_tickets off;
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
|
|
||||||
|
|
||||||
ssl_dhparam /var/www/certbot/live/crm.logidex.ru/dhparam.pem; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
# OCSP stapling
|
|
||||||
ssl_stapling on;
|
|
||||||
ssl_stapling_verify on;
|
|
||||||
|
|
||||||
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
|
||||||
ssl_trusted_certificate /var/www/certbot/live/crm.logidex.ru/fullchain.pem;
|
|
||||||
|
|
||||||
# replace with the IP address of your resolver;
|
|
||||||
# async 'resolver' is important for proper operation of OCSP stapling
|
|
||||||
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
|
||||||
resolver_timeout 5s;
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Общие proxy_set_header, унаследованные всеми location
|
# Общие proxy_set_header, унаследованные всеми location
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
@ -102,20 +67,5 @@ server
|
|||||||
proxy_cache_valid 60m;
|
proxy_cache_valid 60m;
|
||||||
proxy_pass http://frontend;
|
proxy_pass http://frontend;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /.well-known/acme-challenge/ {
|
|
||||||
root /var/www/certbot;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = crm.logidex.ru) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
}
|
|
||||||
server_name git.logidex.ru;
|
|
||||||
listen 80;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|||||||
@ -18,9 +18,7 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
nginx:
|
nginx:
|
||||||
image: nginx:alpine-slim
|
image: nginx:alpine-slim
|
||||||
ports:
|
container_name: crm
|
||||||
- "80:80"
|
|
||||||
- "443:443"
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- back
|
- back
|
||||||
- front
|
- front
|
||||||
@ -40,19 +38,14 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
networks:
|
networks:
|
||||||
- appnet
|
- appnet
|
||||||
certbot:
|
- proxy
|
||||||
image: certbot/certbot:latest
|
labels:
|
||||||
volumes:
|
- "traefik.enable=true"
|
||||||
- type: bind
|
|
||||||
source: ./certbot/www
|
|
||||||
target: /var/www/certbot
|
|
||||||
read_only: false
|
|
||||||
- type: bind
|
|
||||||
source: ./certbot/conf
|
|
||||||
target: /etc/letsencrypt
|
|
||||||
read_only: false
|
|
||||||
volumes:
|
volumes:
|
||||||
app_run:
|
app_run:
|
||||||
driver: local
|
driver: local
|
||||||
networks:
|
networks:
|
||||||
appnet:
|
appnet:
|
||||||
|
external: false
|
||||||
|
proxy:
|
||||||
|
external: true
|
||||||
2
front
2
front
Submodule front updated: 1047a0b5fe...8cc11bca67
Reference in New Issue
Block a user