「🏗️」 wip: Added prodution option for CD

2025-02-07 14:48:34 +01:00
parent 13586ceb1a
commit 0aef0328c1
3 changed files with 36 additions and 12 deletions
--- a/srcs/configs/nginx/entry/cert-gen.sh
+++ b/srcs/configs/nginx/entry/cert-gen.sh
@ -1,9 +1,22 @@
 #!/bin/sh
-
-if [ ! -f ${NGINX_SSL_KEY_FILE} ]; then
-	echo "Generating certs"
-	mkdir -p /etc/nginx/ssl
-	openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${NGINX_SSL_KEY_FILE} -out ${NGINX_SSL_CERT_FILE} -subj "/C=FR/ST=IDF/L=Angouleme/O=42/OU=42/CN=adjoly.42.fr/UID=adjoly"
+if [ ! -v ${PRODUCTION} ]; then
+	if [ ! -f ${NGINX_SSL_KEY_FILE} ]; then
+		echo "Generating certs"
+		mkdir -p /etc/nginx/ssl
+		openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${NGINX_SSL_KEY_FILE} -out ${NGINX_SSL_CERT_FILE} -subj "/C=FR/ST=IDF/L=Angouleme/O=42/OU=42/CN=adjoly.42.fr/UID=adjoly"
+	else 
+		printf "Key already exist not recreating\n"
+	fi
 else
-	printf "Key already exist not recreating\n"
+	printf "Entering production mode for nginx"
+	INPUT_FILE="/etc/nginx/http.d/www.conf"
+	OUTPUT_FILE="/etc/nginx/http.d/www.conf"
+	sed -E '
+	s/listen\s+443 ssl;/listen 80;/; 
+	s/server_name.*/&\n\tlisten 80;/; 
+	/ssl_certificate/d; 
+	/ssl_certificate_key/d; 
+	/ssl_protocols/d; 
+	/ssl_session_timeout/d;
+	' "$INPUT_FILE" > "$OUTPUT_FILE"
 fi
--- a/srcs/configs/nginx/templates/www.conf.template
+++ b/srcs/configs/nginx/templates/www.conf.template
@ -1,7 +1,7 @@
 server {
    listen				443 ssl;

-    server_name			adjoly.42.fr www.adjoly.42.fr;
+    server_name			$NGINX_EXPOSED_HOSTS;
 	
    root				/var/www/html;
    index				index.php;
--- a/srcs/docker-compose.yml
+++ b/srcs/docker-compose.yml
@ -21,18 +21,29 @@ services:
      - NGINX_PHP_HOST=inception-wordp-php
      - NGINX_SSL_KEY_FILE=/etc/nginx/ssl/adjoly-wp.key
      - NGINX_SSL_CERT_FILE=/etc/nginx/ssl/adjoly-wp.crt
+      - NGINX_EXPOSED_HOSTS=adjoly.42.fr
    depends_on:
      wordpress-php:
-        condition: service_started
+        condition: service_healthy
      db:
-        condition: service_started
+        condition: service_healthy
    volumes:
      - wp-site:/var/www/html
      - ./configs/nginx/templates:/etc/nginx/templates
      - ./configs/nginx/entry:/docker-entrypoint.d
    ports:
-      - "443:443"
+      - "10443:443"
    restart: unless-stopped
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=traefik-back
+      
+      - traefik.http.routers.inception.rule=Host(`inception.kanel.ovh`)
+      - traefik.http.routers.inception.entrypoints=websecure
+      - traefik.http.routers.inception.tls=true
+      - traefik.http.routers.inception.tls.certresolver=letsencrypt
+      - traefik.http.routers.inception.service=inception
+      - traefik.http.services.inception.loadbalancer.server.port=80

  wordpress-php:
    container_name: inception-wordp-php
@ -43,7 +54,7 @@ services:
      - inception
    depends_on:
      db:
-        condition: service_started
+        condition: service_healthy
    environment:
      - PHP_MEMORY_LIMIT="512M"
      - PHP_MAX_UPLOAD="50M"