borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-06 20:15:23 +02:00
parent cfbc0ae0c6
commit af072b74fd
1 changed files with 34 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
generate-ssl-cert.sh
View File

@@ -13,7 +13,7 @@ BLUE='\033[0;34m'
NC='\033[0m' # No Color NC='\033[0m' # No Color
# Certificate configuration # Certificate configuration
CERT_DIR="./docker/ssl" CERT_DIR="/etc/ssl/uggla"
CERT_NAME="uggla" CERT_NAME="uggla"
CERT_KEY="${CERT_DIR}/${CERT_NAME}.key" CERT_KEY="${CERT_DIR}/${CERT_NAME}.key"
CERT_CRT="${CERT_DIR}/${CERT_NAME}.crt" CERT_CRT="${CERT_DIR}/${CERT_NAME}.crt"
@@ -23,13 +23,22 @@ DAYS=3650 # 10 years
echo -e "${BLUE}======================================${NC}" echo -e "${BLUE}======================================${NC}"
echo -e "${BLUE} Uggla SSL Certificate Generator${NC}" echo -e "${BLUE} Uggla SSL Certificate Generator${NC}"
echo -e "${BLUE} For External Proxy Configuration${NC}"
echo -e "${BLUE}======================================${NC}" echo -e "${BLUE}======================================${NC}"
echo echo
# Check if running as root
if [[ $EUID -ne 0 ]]; then
echo -e "${RED}This script must be run as root to create certificates in /etc/ssl/${NC}"
echo "Please run: sudo $0"
exit 1
fi
# Create SSL directory if it doesn't exist # Create SSL directory if it doesn't exist
mkdir -p "${CERT_DIR}" mkdir -p "${CERT_DIR}"
echo -e "${YELLOW}This script will generate a self-signed SSL certificate valid for 10 years.${NC}" echo -e "${YELLOW}This script will generate a self-signed SSL certificate valid for 10 years.${NC}"
echo -e "${YELLOW}Certificate will be placed in /etc/ssl/uggla/ for your external proxy.${NC}"
echo -e "${YELLOW}You'll need to provide certificate details and domain names.${NC}" echo -e "${YELLOW}You'll need to provide certificate details and domain names.${NC}"
echo echo
@@ -171,12 +180,30 @@ openssl x509 -in "${CERT_CRT}" -dates -noout
echo echo
echo -e "${YELLOW}Next steps:${NC}" echo -e "${YELLOW}Next steps:${NC}"
echo "1. Update your nginx configuration to use these certificates" echo "1. Configure your external proxy (nginx/apache/traefik) to use these certificates:"
echo "2. In docker/nginx/default.conf, add SSL configuration:" echo " Certificate: ${CERT_CRT}"
echo " ssl_certificate /etc/nginx/ssl/${CERT_NAME}.crt;" echo " Private Key: ${CERT_KEY}"
echo " ssl_certificate_key /etc/nginx/ssl/${CERT_NAME}.key;" echo ""
echo "3. Mount the SSL directory in docker-compose.yml (already configured)" echo "2. Example nginx configuration:"
echo "4. Restart your Docker containers" echo " server {"
echo " listen 443 ssl;"
echo " ssl_certificate ${CERT_CRT};"
echo " ssl_certificate_key ${CERT_KEY};"
echo " location /uggla/ {"
echo " proxy_pass http://localhost:8080/uggla/;"
echo " }"
echo " }"
echo ""
echo "3. Example Apache configuration:"
echo " <VirtualHost *:443>"
echo " SSLEngine on"
echo " SSLCertificateFile ${CERT_CRT}"
echo " SSLCertificateKeyFile ${CERT_KEY}"
echo " ProxyPass /uggla/ http://localhost:8080/uggla/"
echo " </VirtualHost>"
echo ""
echo "4. Docker cluster should run on internal ports (8080/8443)"
echo "5. External proxy forwards traffic to Docker cluster"
echo echo
echo -e "${RED}Warning: This is a self-signed certificate.${NC}" echo -e "${RED}Warning: This is a self-signed certificate.${NC}"
echo -e "${RED}Browsers will show security warnings. Add to trusted certificates if needed.${NC}" echo -e "${RED}Browsers will show security warnings. Add to trusted certificates if needed.${NC}"