search

atlanticwave-sdx / sdx-meican

Other
0 stars 1 forks source link

Add support for HTTPS in meican docker image #6

Closed italovalcy closed 1 year ago

italovalcy commented 1 year ago

Closes N/A

Description of the change

This pull request adds support for HTTPS into Meican docker image, with automatic redirect from HTTP to HTTPS and using default snakeoil certificate (as provided by packet cert-ssl). I've also added instructions on how to mount volumes on the docker-compose file to use your own certificate.

Local tests

Building the new docker image works as expected:

ubuntu@ubuntu:~/sdx-meican$ docker compose -f docker-compose.yml -f docker-compose.dev.yml build
[+] Building 75.9s (12/12) FINISHED
 => [internal] load build definition from Dockerfile_dev                                                                                                                                                                                                                                                          0.1s
 => => transferring dockerfile: 1.34kB                                                                                                                                                                                                                                                                            0.0s
 => [internal] load .dockerignore                                                                                                                                                                                                                                                                                 0.0s
 => => transferring context: 2B                                                                                                                                                                                                                                                                                   0.0s
 => [internal] load metadata for docker.io/library/ubuntu:16.04                                                                                                                                                                                                                                                   5.1s
 => [1/7] FROM docker.io/library/ubuntu:16.04@sha256:1f1a2d56de1d604801a9671f301190704c25d604a416f59e03c04f5c6ffee0d6                                                                                                                                                                                             0.0s
 => [internal] load build context                                                                                                                                                                                                                                                                                 0.0s
 => => transferring context: 1.15kB                                                                                                                                                                                                                                                                               0.0s
 => CACHED [2/7] RUN apt-get update  && apt-get install -yq --no-install-recommends     apt-utils     curl     sudo     zip     unzip     apache2     php7.0     php7.0-mysql     php7.0-mbstring     php7.0-curl     php7.0-soap     php7.0-xml     libapache2-mod-php     ssl-cert     ca-certificates  && rm   0.0s
 => CACHED [3/7] RUN adduser --disabled-password --gecos '' meican  && usermod -aG sudo meican  && cd /  && curl -kO https://getcomposer.org/download/1.9.3/composer.phar                                                                                                                                         0.0s
 => CACHED [4/7] WORKDIR /home/meican/meican-3.3.0                                                                                                                                                                                                                                                                0.0s
 => [5/7] RUN curl -kO https://getcomposer.org/download/1.9.3/composer.phar  && su meican -c "php composer.phar global require "fxp/composer-asset-plugin:~1.4.4""  && ln -s /home/meican/meican-3.3.0/web /var/www/meican  && a2enmod rewrite ssl                                                               69.6s
 => [6/7] COPY 000-default.conf /etc/apache2/sites-available/                                                                                                                                                                                                                                                     0.2s
 => [7/7] COPY docker-entrypoint.sh /                                                                                                                                                                                                                                                                             0.1s
 => exporting to image                                                                                                                                                                                                                                                                                            0.7s
 => => exporting layers                                                                                                                                                                                                                                                                                           0.7s
 => => writing image sha256:21cbc6527169da7e6af43454b99dbff0b8fcf87f93db0e2ef6dd71e17e64766b                                                                                                                                                                                                                      0.0s
 => => naming to docker.io/library/meican-app-dev                                                                                                                                                                                                                                                                 0.0s

Also, upon startup the correspondent port will be properly setup:

ubuntu@ubuntu:~/sdx-meican$ docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d
[+] Running 5/5
 ⠿ Network sdx-meican_default     Created                                                                                                                                                                                                                                                                         0.2s
 ⠿ Volume "sdx-meican_db-meican"  Created                                                                                                                                                                                                                                                                         0.0s
 ⠿ Container meican-db            Started                                                                                                                                                                                                                                                                         1.4s
 ⠿ Container meican-phpmyadmin    Started                                                                                                                                                                                                                                                                         2.7s
 ⠿ Container meican-app-dev       Started                                                                                                                                                                                                                                                                         2.7s

ubuntu@ubuntu:~/sdx-meican$ docker ps
CONTAINER ID   IMAGE                   COMMAND                  CREATED          STATUS          PORTS                                                                      NAMES
c78c6b1e1935   phpmyadmin/phpmyadmin   "/docker-entrypoint.…"   19 minutes ago   Up 19 minutes   0.0.0.0:8081->80/tcp, :::8081->80/tcp                                      meican-phpmyadmin
0d92f2195770   meican-app-dev          "./docker_for_build/…"   19 minutes ago   Up 19 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   meican-app-dev
4c7409dabc42   mysql:5.7               "docker-entrypoint.s…"   19 minutes ago   Up 19 minutes   3306/tcp, 33060/tcp                                                        meican-db

Finally, the test to validate if it is working:

> curl http://192.168.64.8
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://192.168.64.8/">here</a>.</p>
<hr>
<address>Apache/2.4.18 (Ubuntu) Server at 192.168.64.8 Port 80</address>
</body></html>

> curl -L http://192.168.64.8 --insecure | head
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   307  100   307    0     0  39592      0 --:--:-- --:--:-- --:--:--   99k
100  4094  100  4094    0     0  82076      0 --:--:-- --:--:-- --:--:-- 82076
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <title>MEICAN - Management Environment of Inter-domain Circuits for Advanced Networks</title>
    <!-- Tell the browser to be responsive to screen width -->
    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
    <meta name="csrf-param" content="_csrf">
    <meta name="csrf-token" content="RjhXc01rVnAzCjhCCToaAzQODzEvImIXD0kYJgI0IQkSYT8QBhg/XQ==">