feat: use ssl.

Author: WuJun

docker-compose.yml

@@ -37,6 +37,9 @@ services:
     volumes:
       - './nginx:/etc/nginx/sites-enabled'
       - './nginx/default.conf:/etc/nginx/conf.d/default.conf'
+      # letsencrypt will put generated pems under /etc/letsencrypt/live/yourdomain.com, copy them to nginx container. 
+      # - '/etc/letsencrypt/live/yourdomain.com/fullchain.pem:/etc/nginx/ssl/fullchain.pem'
+      # - '/etc/letsencrypt/live/yourdomain.com/privkey.pem:/etc/nginx/ssl/privkey.pem'
     links:
       - parse-dashboard
       - parse

nginx/default.conf

@@ -1,28 +1,8 @@
-# HTTP - redirect all requests to HTTPS
-# server {
-#     # listen 80;
-#     # listen [::]:80 default_server ipv6only=on;
-#     # return 301 https://$host$request_uri;
-# }
+### without letsencrypt start ###
 
-# HTTPS - proxy requests to /parse-server/
 # through to Parse Server
 server {
-    # listen 443 ssl;
     listen 80;
-    # server_name chigua.live www.chigua.live;
-
-    # root /usr/share/nginx/html;
-    # index index.html index.htm;
-
-    # ssl on;
-    # # Use certificate and key provided by Let's Encrypt:
-    # ssl_certificate /etc/nginx/ssl/chained.pem;
-    # ssl_certificate_key /etc/nginx/ssl/domain.key;
-    # ssl_session_timeout 5m;
-    # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-    # ssl_prefer_server_ciphers on;
-    # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
 
     # Pass requests for /parse/ to Parse Server instance at localhost:1337
     location /api/ {
@@ -44,4 +24,52 @@ server {
          proxy_set_header Host $http_host;
          proxy_redirect off;
      }
-}
+}
+
+
+#------------------ dividing line for using ssl -------------------#
+
+### without letsencrypt end ###
+
+
+### the final sample with letsencrypt start ### 
+
+# server {
+#      listen 80;
+#      listen [::]:80 default_server ipv6only=on;
+#      return 301 https://$host$request_uri;
+# }
+
+# server {
+#     listen 443 ssl;
+#     server_name yourdomain.com www.yourdomain.com;
+
+
+#     ssl on;
+#     ssl_certificate /etc/nginx/ssl/fullchain.pem;
+#     ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+#     ssl_session_timeout 5m;
+#     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+#     ssl_prefer_server_ciphers on;
+#     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+
+#     location /api/ {
+#          proxy_pass http://parse:1337/;
+#          proxy_set_header X-Real-IP $remote_addr;
+#          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#          proxy_set_header X-NginX-Proxy true;
+#          proxy_ssl_session_reuse off;
+#          proxy_set_header Host $http_host;
+#          proxy_redirect off;
+#     }
+
+#     location / {
+#          proxy_pass http://parse-dashboard:4040/;
+#          proxy_set_header Host $host;
+#          proxy_set_header X-Real-IP $remote_addr;
+#          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#          proxy_set_header X-Forwarded-Proto https;
+#     }
+# }
+
+### the final sample with letsencrypt end ###