diff --git a/docker/docker-compose.prod.yml b/docker/docker-compose.prod.yml
index 3f9b7db..900b27a 100644
--- a/docker/docker-compose.prod.yml
+++ b/docker/docker-compose.prod.yml
@@ -9,38 +9,6 @@ include:
 - ./api-base/compose.yml
 - ./ELK/compose.yml
-services:
- proxy:
- container_name: transcendence-proxy
- build:
- dockerfile: docker/proxy/Dockerfile
- context: ../
- volumes:
- - log-nginx:/var/log/front
- environment:
- - TZ=Europe/Paris
- depends_on:
- user-api:
- condition: service_started
- auth-api:
- condition: service_started
- networks:
- - front
- - traefik-back
- restart: unless-stopped
- healthcheck:
- disable: true
- labels:
- - traefik.enable=true
- - traefik.docker.network=traefik-back
-
- - traefik.http.routers.trans.rule=Host(`trans.kanel.ovh`)
- - traefik.http.routers.trans.entrypoints=websecure
- - traefik.http.routers.trans.tls=true
- - traefik.http.routers.trans.tls.certresolver=letsencrypt
- - traefik.http.routers.trans.service=trans
- - traefik.http.services.trans.loadbalancer.server.port=80
-
 networks:
 traefik-back:
 external: true
diff --git a/docker/proxy/compose.prod.yml b/docker/proxy/compose.prod.yml
index 8904350..89d5429 100644
--- a/docker/proxy/compose.prod.yml
+++ b/docker/proxy/compose.prod.yml
@@ -1,11 +1,9 @@
 services:
- front:
- container_name: transcendence-front
+ proxy:
+ container_name: transcendence-proxy
 build:
 dockerfile: docker/proxy/Dockerfile.prod
 context: ../../
- ports:
- - ${OUT_PORT}:443
 volumes:
 - log-nginx:/var/log/front
 environment:
@@ -17,4 +15,21 @@ services: condition: service_started networks: - front + - traefik-back restart: unless-stopped + healthcheck: + disable: true + labels: + - traefik.enable=true + - traefik.docker.network=traefik-back + + - traefik.http.routers.trans.rule=Host(`trans.kanel.ovh`) + - traefik.http.routers.trans.entrypoints=websecure + - traefik.http.routers.trans.tls=true + - traefik.http.routers.trans.tls.certresolver=letsencrypt + - traefik.http.routers.trans.service=trans + - traefik.http.services.trans.loadbalancer.server.port=80 + +networks: + traefik-back: + external: true diff --git a/docker/proxy/config/default.conf.template b/docker/proxy/config/default.conf.template index 4135638..053ab69 100644 --- a/docker/proxy/config/default.conf.template +++ b/docker/proxy/config/default.conf.template @@ -4,6 +4,12 @@ server { listen 443 ssl; + ssl_certificate /etc/nginx/certs/fullchain.pem; + ssl_certificate_key /etc/nginx/certs/privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + modsecurity on; add_header X-Frame-Options "SAMEORIGIN" always; @@ -40,6 +46,12 @@ server { } } +server { + listen 80; + server_name example.com; + return 301 https://$host$request_uri; +} + server { listen 8080; location /nginx_status { diff --git a/src/utils/scoreStore_contract.js b/src/utils/scoreStore_contract.js index dd7c69e..b8ada16 100644 --- a/src/utils/scoreStore_contract.js +++ b/src/utils/scoreStore_contract.js 
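Review bot: The last label in this hunk points Traefik at container port 80, but the only port-80 listener in docker/proxy/config/default.conf.template is the `return 301 https://$host$request_uri;` server added later in this commit, so a request arriving on `websecure` would be redirected back to itself instead of reaching the 443 server that carries `modsecurity on;` and the security headers. This assumes Dockerfile.prod installs that template, which the diff does not show. Either target the TLS listener with `- traefik.http.services.trans.loadbalancer.server.port=443` plus `- traefik.http.services.trans.loadbalancer.server.scheme=https` (Traefik must then trust the certificate nginx presents), or keep port 80 and serve the application there instead of redirecting. `healthcheck: disable: true` in the same hunk also means a hung nginx is never marked unhealthy; a one-line comment saying why it is disabled would help.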
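Review bot: `ssl_ciphers HIGH:!aNULL:!MD5;` in the 443 server still admits CBC-mode and static-RSA key-exchange suites for TLS 1.2 clients on typical OpenSSL builds, so those connections get no forward secrecy. Restricting the list to ECDHE AEAD suites closes that, for example `ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;`. The proxy service in docker/proxy/compose.prod.yml mounts only `log-nginx`, so it is worth confirming that `/etc/nginx/certs/privkey.pem` is supplied at run time (a read-only mount or a secret) and not copied into the image by Dockerfile.prod, which is not visible here. The server block continues outside the hunk.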
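Review bot: The new port-80 server builds its redirect from `$host`, which nginx takes from the client's request, and `server_name example.com;` looks like a placeholder that will not match the `trans.kanel.ovh` host routed in docker/proxy/compose.prod.yml. If this is the only listener on port 80 it becomes the default server there and will redirect whatever Host value it is sent to that same value. Pin both: `server_name trans.kanel.ovh;` and `return 301 https://$server_name$request_uri;`, or use the template variable the project has for the public hostname, if one exists.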
@@ -3,14 +3,14 @@ import { readFile } from "fs/promises";
 export const rpc_url = process.env.AVAX_RPC_URL;
 export const contract_addr = process.env.AVAX_CONTRACT_ADDR;
-export const owner_priv_key = process.env.AVAX_PRIVATE_KEY;
+export const owner_priv_key = process.env.AVAX_PRIVATE_KEY || "0x00000000000000000000000000000000000000000000";
 const provider = new ethers.JsonRpcProvider(rpc_url);
-const wallet = new ethers.Wallet(owner_priv_key, provider);
 async function loadContract() {
 try {
+ const wallet = new ethers.Wallet(owner_priv_key, provider);
 const contractABI = JSON.parse(await readFile(new URL('../contract/scoreStore.json', import.meta.url)));
 const contract = new ethers.Contract(contract_addr, contractABI, wallet);
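Review bot: The all-zero string fallback on `owner_priv_key` replaces a missing AVAX_PRIVATE_KEY with a placeholder that is not a usable signing key, so a misconfigured deployment no longer fails where the cause is obvious. The error now surfaces from `new ethers.Wallet(...)` inside `loadContract`'s try block, whose catch lies outside this hunk. Dropping the fallback and checking at the top of `loadContract`, e.g. `if (!owner_priv_key) throw new Error("AVAX_PRIVATE_KEY is not set");`, keeps the lazy wallet construction while making the failure explicit. The key is also still an exported module constant; if no other module imports it, leaving it unexported would narrow where the secret can be read or logged.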