From f2db5e704b9d4f828f0d32f571aac10d2084344f Mon Sep 17 00:00:00 2001 From: Vadim Vetrov Date: Sat, 16 Mar 2024 22:57:28 +0300 Subject: [PATCH] Add SSL support for api --- .gitignore | 5 ++++- api/Dockerfile | 11 +++++------ api/uwsgi.ini | 3 ++- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 2162b94..0b27bc8 100644 --- a/.gitignore +++ b/.gitignore @@ -24,4 +24,7 @@ hs_err_pid* replay_pid* **/*.env -!**/*.example.env \ No newline at end of file +!**/*.example.env + +# Certificates used for development +crt/ diff --git a/api/Dockerfile b/api/Dockerfile index 9e845b2..3e5e4a6 100644 --- a/api/Dockerfile +++ b/api/Dockerfile @@ -4,7 +4,6 @@ ARG DEBIAN_FRONTEND=noninteractive RUN apt update -y && apt upgrade -y - FROM env as build WORKDIR /app/ @@ -29,7 +28,11 @@ RUN cp dist/$(ls dist | head -1) /prj/ FROM python:3.11-alpine as prod -RUN pip install pyuwsgi +# RUN pip install pyuwsgi +RUN apk update && apk add gcc openssl openssl-dev python3-dev build-base linux-headers pcre-dev + +RUN CFLAGS="-I/usr/local/opt/openssl/include" LDFLAGS="-L/usr/local/opt/openssl/lib" \ + UWSGI_PROFILE_OVERRIDE=ssl=true pip3 install uwsgi -Iv RUN mkdir /prj COPY --from=build /prj/* /prj/ @@ -38,15 +41,11 @@ RUN pip install /prj/$(ls /prj) COPY uwsgi.ini . - - ENTRYPOINT [ "uwsgi", "uwsgi.ini"] - - FROM env as dev RUN conda create -n cenv python=3.11 diff --git a/api/uwsgi.ini b/api/uwsgi.ini index 9fdcc7b..f559638 100644 --- a/api/uwsgi.ini +++ b/api/uwsgi.ini @@ -6,4 +6,5 @@ master = 1 socket = 0.0.0.0:3031 http = 0.0.0.0:80 stats = 0.0.0.0:9191 -stats-http = 1 \ No newline at end of file +stats-http = 1 +https=0.0.0.0:443,/crt/tls.crt,/crt/tls.key,HIGH \ No newline at end of file