diff --git a/.gitignore b/.gitignore index fb58dee..4eb70ee 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ .env data +proxy/ssl/misp.crt +proxy/ssl/misp.key diff --git a/docker-compose-nginx.yml b/docker-compose-nginx.yml index ddc8394..c5fcfc9 100644 --- a/docker-compose-nginx.yml +++ b/docker-compose-nginx.yml @@ -4,12 +4,12 @@ services: proxy: build: context: proxy - container_name: proxy + container_name: misp_proxy restart: unless-stopped image: misp-proxy:latest ports: - 80:80 - - 4443:443 + - 443:443 web: build: web diff --git a/proxy/Dockerfile b/proxy/Dockerfile index 39e6962..60aad83 100644 --- a/proxy/Dockerfile +++ b/proxy/Dockerfile @@ -1,11 +1,8 @@ -FROM nginx:1.9 +FROM nginx:1.18 # default conf for proxy service COPY ./default.conf /etc/nginx/conf.d/default.conf -# NOT FOUND response -COPY ./backend-not-found.html /var/www/html/backend-not-found.html - # Proxy and SSL configurations COPY ./includes/ /etc/nginx/includes/ diff --git a/proxy/backend-not-found.html b/proxy/backend-not-found.html deleted file mode 100644 index bebb95c..0000000 --- a/proxy/backend-not-found.html +++ /dev/null @@ -1,6 +0,0 @@ - -Proxy Backend Not Found - -

Proxy Backend Not Found

- - diff --git a/proxy/default.conf b/proxy/default.conf index 2c4c753..8a0f3f8 100644 --- a/proxy/default.conf +++ b/proxy/default.conf @@ -1,13 +1,16 @@ -# web service1 config. +# plain http redirect to https server { listen 80; - listen 443 ssl http2; - server_name web; + listen [::]:80; + server_name localhost; + return 301 https://$server_name$request_uri; +} +# main server, reverse proxy to 'web' container +server { + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name localhost; - if ($scheme != "https") { - rewrite ^ https://$host$uri permanent; - } - # Path for SSL config/key/certificate ssl_certificate /etc/ssl/certs/nginx/misp.crt; ssl_certificate_key /etc/ssl/certs/nginx/misp.key; @@ -21,25 +24,3 @@ server { access_log off; error_log /var/log/nginx/error.log error; } - -# Default -server { - listen 80 default_server; - - server_name _; - root /var/www/html; - - charset UTF-8; - - error_page 404 /backend-not-found.html; - location = /backend-not-found.html { - allow all; - } - location / { - return 404; - } - - access_log off; - log_not_found off; - error_log /var/log/nginx/error.log error; -}