search

FritzTheCat9 / YoutubeLinks

YoutubeLinks allow users to save YouTube links as playlists. Users are able to download mp3/mp4 files from the playlists they create. Project created as part of the "100 Commits" competition.
27 stars 1 forks source link

Docker support #1

Closed FritzTheCat9 closed 5 months ago

FritzTheCat9 commented 7 months ago
FritzTheCat9 commented 6 months ago

Blazor wasm working on http (docker + nginix) Check Blazor wasm https later if any good configs on the internet

FritzTheCat9 commented 6 months ago

Blazor WASM HTTPS was working with this settings:

  1. Install OpenSSL: https://slproweb.com/products/Win32OpenSSL.html Win64 OpenSSL v3.3.0 exe

  2. Add environment variable to Path: C:\Windows\System32\OpenSSH\

  3. Check if OpenSSL is working: openssl version

  4. Generate a Private Key and Certificate Signing Request (CSR): openssl req -newkey rsa:2048 -nodes -keyout private.key -out certificate.csr

  5. Generate a Self-Signed Certificate: openssl x509 -req -days 365 -in certificate.csr -signkey private.key -out certificate.crt

You will have 3 files generated:

  1. Add key and certificate files to docker-compose volume:

docker-compose (add blazor service volumes - key, certificate):

volumes:

  1. Update nginx.conf file to Redirect HTTP to HTTPS and listen on 443 (https), point certificates

nginx.conf:

events { }
http {
    include mime.types;

    server {
        listen 80;
        index index.html;

        # Redirect HTTP to HTTPS
        location / {
            return 301 https://$host$request_uri;
        }
    }

    server {
        listen 443 ssl;
        index index.html;

        # SSL configuration
        ssl_certificate /etc/nginx/certificate.crt;
        ssl_certificate_key /etc/nginx/private.key;

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers off;
        ssl_ciphers EECDH+AESGCM:EDH+AESGCM;

        location / {
            root /usr/share/nginx/html;
            try_files $uri $uri/ /index.html;
        }
    }
}

To refresh blazor wasm website clear this cache: image

  1. I tested this config.
    • HTTPS Blazor WASM works - OK
    • HTTP -> HTTPS redirection dont work correctly - WRONG
    • HTTPS site shows that certificate is untrusted - WRONG
FritzTheCat9 commented 5 months ago

HTTPS Blazor WASM works - OK HTTP -> HTTPS redirection works - OK HTTPS site shows that certificate is untrusted - WRONG

events { }
http {
    include mime.types;

    server {
        listen 80;
        return 301 https://localhost:7001$request_uri;
    }

    server {
        listen 443 ssl;

        ssl_certificate /etc/nginx/certificate.crt;
        ssl_certificate_key /etc/nginx/private.key;
        ssl_session_cache builtin:1000 shared:SSL:10m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers on;

        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;

        location / {
            root /usr/share/nginx/html;
            index index.html;
            try_files $uri $uri/ /index.html;
        }
    }
}
FritzTheCat9 commented 5 months ago

Blazor https works just need to have secure certificate passed, to do when doing deploy on raspberry pi