change: nginx now uses self-signed https

secrets.txt

@@ -0,0 +1 @@
+DisIsAPasswordForTheSA:D

srcs/docker-compose.yml

@@ -5,7 +5,8 @@ services:
     # TODO no latest??
     build: ./requirements/nginx/
     ports:
-      - 8080:80
+      - 4433:443
+    # domainname: mcolonna.42.fr # TODO useful? # TODO no copy
 
 ### services ###
 # image:

srcs/requirements/nginx/.dockerignore

@@ -1,2 +0,0 @@
-/Dockerfile
-/.dockerignore

srcs/requirements/nginx/Dockerfile

@@ -1,7 +1,7 @@
 # TODO no latest
 FROM alpine:latest
 
-EXPOSE 80
+EXPOSE 443
 
 # install curl
 RUN apk update
@@ -25,9 +25,9 @@ RUN apk fix
 
 # add config
 RUN rm /etc/nginx/nginx.conf
-COPY nginx.conf /etc/nginx/nginx.conf
+COPY conf/ /etc/nginx/
 RUN rm -r /usr/share/nginx/html
-COPY www /usr/share/nginx/html
+COPY www/ /usr/share/nginx/html
 
 # start
 CMD ["nginx", "-g", "daemon off;"]

srcs/requirements/nginx/conf/mcolonna.42.fr.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFyjCCA7KgAwIBAgIUSCJJNkcYCGrdVPyeIij0K+4xYxcwDQYJKoZIhvcNAQEL
+BQAwgb0xCzAJBgNVBAYTAjozMQ4wDAYDVQQIDAVlYXJ0aDEVMBMGA1UEBwwMc29s
+YXIgc3lzdGVtMRMwEQYDVQQKDApteWxhbiBjb3JwMS0wKwYDVQQLDCR0aGUgbWFp
+biBhbmQgb25seSB1bml0IG9mIG15bGFuIGNvcnAxFTATBgNVBAMMDG15bGFuIChj
+b3JwKTEsMCoGCSqGSIb3DQEJARYdbXlsYW5AbWNvbG9ubmEuNDIuZnIgcHJvYmFi
+bHkwIBcNMjUwNDAyMTUzMzUxWhgPMjEyNTAzMDkxNTMzNTFaMBkxFzAVBgNVBAMM
+DnN1cGVyYXdlc29tZWNuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+yufae4sNj7+B5buW5gkgW8UtAUJvtAeArY7XqpXIXiosUGzdUJXhgDJO9VHJjFy2
+3ATEJBMf2uJtXtPOjisxPUZbFlA5xUugWOgoIO2xdLC7Z4Zciu7A928ckhkIFRCw
+EsaIsYCNmNZV3rQ6DNJE8YCC5C/TDhyin01wEEUNJAIH2POJEyiSuJegmK35Uk4m
+Qe4qBhc3jM7mdPiUPsNzgxH35L924jhzjh0ZonYN3cdi6mHoUnDUb7DrqHWP5yOC
+0m39kKHLnH3jWFeRvwYiNWVu5D8PKcETQrhkvmwM2ECv1JhYGpsUgDu6SJSylgvl
+IK1KUE/8Q2oX5vHLAaoe3HN4VUQqsnW7S2Ncp8x6vdCaNYVROre9zGxur0ibzGQm
+jzRhC/Yo6eyP7B7IEjoATNQZ8TuXXPgkfRkN819YWXY/YfqzCaP0HGy/dWjc+So8
+C+nFsITjJYASkd2zCg9BkNWiFxaMlYLc2F8WwPLwGV8ZqAYtdem9IX+LeW3feEbC
+e/sWlsWbMJA23X6+5hZcxJRzi/J5qzk2Iwpg/jmaTak9vO3pkVbm94alteuewQY8
+OZVypK6WvY/vdeVQYgeqL2+ra+ORwg3Wumtuz1LFQqwvUEbLtuYicV+kLAL1pZTY
+ghBICgBtBqkV45c5cbEUbbjrsVcgg51J1n7TC4cZTd8CAwEAAaNjMGEwHwYDVR0R
+BBgwFoIObWNvbG9ubmEuNDIuZnKHBH8AAAEwHQYDVR0OBBYEFNPoa7p0ltnw8UKu
++CjgOkcSYyaYMB8GA1UdIwQYMBaAFPpKGyjeoaBrRvUK7DGX91sfsC8aMA0GCSqG
+SIb3DQEBCwUAA4ICAQCNyyBfb7poleEHzW9UVvGfZcQlLLdiGmTUX0rFWiva8Tju
+r7rolKw/Ai08Wt9bT3qld1ss/gWCo7mRjpXLCPgCV9/De5oWhwH+n0dztOavDIi6
+50Nkg9dIrthiHDBrAU9Z2DuecB6R0h22PKTz/rbxAIdzBfKSnw9AKdfPQGR7LKgy
+ez3NATa7Ul677FWyRNgeTVajEHIkrPk2kaaNV/2vcQRo35u0p1jOmM2Xys2Qgrfx
+YhY3ysP7ZncjVeg7DYlsJOa13vHrkHr42eNpglcHLqoGnZ2wriT2V8Ca6WZlTKxn
+LgHc0sRF6GtOLtRJNrhXgmMBtLBzAbK77qb9m2OhHcphAWQKpnaqONXmrHTbZGxR
+ct7ZoGZj3XWYQmAyEmS788cHW9sMx9Zv1888r7V+E6mh4UbGlOo64x30Od43RLLH
+PmEoO9qIGx6epNbLz2UqP24oJM+82XVbEpvkg3mm6tYZXKVAW0eWpMJe7xtAlO0L
+QhAPcxoA8HCd/TeMzqeomqgUY97IDH8buTK1fuw60jEl4VOvZNP3DA7eqjEkrLYC
+xNmXP4OBgJU1wYv7VGVagwRJf3g9SpE231kdEOIswBGX8qQ6KBGmqbu8LPgKwMQr
+P9WQBbSWY4m8Hy/ENQnsIPZ4JlRIXcL5x5KXAf5LPJA4KT1NBD5jF9mYTKRf2A==
+-----END CERTIFICATE-----

srcs/requirements/nginx/conf/mcolonna.42.fr.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDK59p7iw2Pv4Hl
+u5bmCSBbxS0BQm+0B4CtjteqlcheKixQbN1QleGAMk71UcmMXLbcBMQkEx/a4m1e
+086OKzE9RlsWUDnFS6BY6Cgg7bF0sLtnhlyK7sD3bxySGQgVELASxoixgI2Y1lXe
+tDoM0kTxgILkL9MOHKKfTXAQRQ0kAgfY84kTKJK4l6CYrflSTiZB7ioGFzeMzuZ0
++JQ+w3ODEffkv3biOHOOHRmidg3dx2LqYehScNRvsOuodY/nI4LSbf2QocucfeNY
+V5G/BiI1ZW7kPw8pwRNCuGS+bAzYQK/UmFgamxSAO7pIlLKWC+UgrUpQT/xDahfm
+8csBqh7cc3hVRCqydbtLY1ynzHq90Jo1hVE6t73MbG6vSJvMZCaPNGEL9ijp7I/s
+HsgSOgBM1BnxO5dc+CR9GQ3zX1hZdj9h+rMJo/QcbL91aNz5KjwL6cWwhOMlgBKR
+3bMKD0GQ1aIXFoyVgtzYXxbA8vAZXxmoBi116b0hf4t5bd94RsJ7+xaWxZswkDbd
+fr7mFlzElHOL8nmrOTYjCmD+OZpNqT287emRVub3hqW1657BBjw5lXKkrpa9j+91
+5VBiB6ovb6tr45HCDda6a27PUsVCrC9QRsu25iJxX6QsAvWllNiCEEgKAG0GqRXj
+lzlxsRRtuOuxVyCDnUnWftMLhxlN3wIDAQABAoICAGGujeWlE1HNSd1N2n8DDMNx
+YNG26KzcYcvsNRJoCm6e0fej+UXG6ik7zvxWM/fxWI0CdGTDmjXXhPy+bjXOQGW1
+3bsXw0AiwN6cYVk85Q3+2TGlIx81gst7/96r01LE1mcrkfoWH9Tg9rUAweOTROKY
+0irFhU9JZNbZQmZqv8FCgwGkeKyy/zODt6pZMuq3Ob7KyAtnmPQeVR8h3sh6cr06
+ZMOIk1SkBal4g/NM7y8CQrIAkYZC0Fq26zSN6EnHtD7W+dfrtGixyEWq3rz+WHCp
+VOHoI8Yfr8SSndl4jhR7y8pGzz97wjpbxroTcAhBULzTADA62YCg7kHdzLQP8Mun
++8adXFYGkRO1lFiLebWr9Mg1Y7nO8t5LUAQMV+zOeXXETdSZnmofHCNNfMojxDd7
+ZKX8uu4Tw9RKnKtujwRREM2XsJqouVNQCquE4/2dgnA2ehA22Id2R3fpQxNabR+9
+QC8JBbClZ7cel3d225ZchTUm8EggRB0aiVIQV/RyI96b0El5si9qEl+waJ4S1rrU
+fRcbCgEoSzcTnvuq6Pj1rQEa7xeU0w2VfH5idFV7SSKKJwxkSgOafIjDG/TaQZ7a
+0yAkKsIQN2bWlFatXGyUwWjJ3rBdMlZsfXbGbIghacsKSbz5X1LQZbXwuDLA7DkI
+LxSu6XvFoaR0un8sM1GJAoIBAQDqEVayarK9DvLZ1jPIpAqReKg2sHfuYdHtN1gk
+DcszbAXhUITzKMVytsWEmKYDAzKCaxESpT9zzTJfdPc1aC/nujNvBZ3x8WYXb2TE
+bxEnbjjgZajPEXHVjiI0qGnjKJb/IDkBPUU9OZ2Mv8g/V7ewPNm/Oo6uxd/pn+Gt
+XFHUFiVtnb8fotov+86k0Vk7dfp2YSoFNMm/iOBVd4dJ/0utp3DkGPwWkWsGMkFA
+enTWXTktcjNWQi/pWMDpS4CxplIA+oWt1Ddt8oM1cV222QhCSln9WL2Pz4zk0Cz4
+9e21xpxs4cKKKQNbfk28JnmTtk+ILExspM37Tzw49w2OYMt5AoIBAQDd6wUqNkXw
+xb2H1T87IRmflAXKSRZ3+HqZUw4Ib5mxfsuZ8YMy1RNa88HZm33h7U6ThNNvJP3S
+erV9OdLuSNtyZW9COVwOm3+ELNd8qaMkwansfb3wTohocRUyG2FOHqFJfK0iTnwM
+2mNs8E0D6kIHkWjIRBARTX0QXF0zQYWh2W79jR3qXZMYQeRU7eQiJ+9thTwvAfJt
+UfvDcprL6j/46vr1vkYRVC2mKPqFagFa2ZIZNdMBlJoTyRSgdIM6dt0LGai5UURI
+47+o4/4B9Id8ojloUq641X1yJJxJ8EftZloKbKqx69hNISKDGOFlBK+hUOMRa71d
+Sm5n3Yrq97YXAoIBAQDl0GRJBQ29JmI2k2OAid9+ePLfz1/Rg+WzfPVjYM+0C0my
+sXX3sH48ZUuFJsNIjekXt7upjOnB7ySYKKVXoJX4dQ9u4Br1o8hTFiHf5BT5m/To
+DagytrQHs2fOP9THHeEzWRXfK6NBu8H+oYYg+yT1OqmoYfwZiVqRbVMM/WmyTJQv
+DgTLMP/8wMVhedKc2PczJ680MWIsVl28TIFem/RX6eCjdAx+tARarxj2D8WLezha
+cJgLBy03dNbjuCgBRIWbRF3gEE7j+ons/QPANVMwkwPMBUcJXgS9289sGTptkTWg
+igCR2jbbrCTyqOwRpZxs3OGkgiNjraY5YAfFVTAxAoIBAQCD6udhFm4xGHr4Og2i
+aqS+tdFTVGsk2fKXHkYjQaQNXSBO3MBvATbGREyhvMrx+I1TKAw/769q5ULps+vt
+diXtNNsUdOCCVnFQ8w8NrhGrEeyfBohYR3bTDxXYeWo4dADQnGqXECyxv0iHQ7mk
+cCbcNNYi5kLe5j9H8H/+rh5v/b76vl5gKUv9iX3f9qI8o5yycBc8ol2oGqocnw3h
+1dg9cgHI/1jLiEyyj32MvV0c0mUE03ghYmLNDCVU1K4FnQ79QD2KHAMJiUkvboha
+RTAdKJoTp8LxYQd3SMgXM9yuBL/Vno9BwL8N6nqHj8y8rjJxJJI2kuM4h7xlxc6E
+qsf1AoIBAGwtbYtgM1BhrCnt4lBfyJMtjBSI7JzyY5r/welL7iTYDRYqZDqJjfsG
+on+pQMScRyFi0EZwKmr9RcGpE202yKHH5P4zcoFdf0uCS2hHy/b4LNF/xTfbbWRH
+gO74wIvG2wG3dqzstayBoOCqjmMriRy07MXac5y1uatLCeAl2JnC59ON/T3+Hxpv
+8rqn82gDaV36mg+yUZtoqtKWQ3YJelwMtnd8QrCj9X46gabpMtQyiak0SKg8Ebo7
+f1aDK67mBT74eT9KxNAexOP+sTdAjaDj/hFIdrRKBVtwu5sj3rXVu4B5xMi0CaZd
+99QtKthw4Cvq44EJOzKZsdkAy2GGHjM=
+-----END PRIVATE KEY-----

srcs/requirements/nginx/conf/nginx.conf

@@ -30,8 +30,12 @@ http {
     #gzip  on;
 
 	server {
-		listen       80;
-		server_name  mcolonna.42.fr; # TODO from env var?
+		listen               443 ssl;
+		server_name          mcolonna.42.fr; # TODO from env var?
+		ssl_certificate      mcolonna.42.fr.crt;
+		ssl_certificate_key  mcolonna.42.fr.key; # TODO secret? # TODO in .cert?
+		ssl_protocols        TLSv1.3;
+		# TODO ssl_ciphers
 
 		#access_log  /var/log/nginx/host.access.log  main;
 

srcs/requirements/nginx/more/ca.pem

@@ -0,0 +1,37 @@
+-----BEGIN CERTIFICATE-----
+MIIGXzCCBEegAwIBAgIUSCUe1jmf7CeAOl7Er2tsvB90u3EwDQYJKoZIhvcNAQEL
+BQAwgb0xCzAJBgNVBAYTAjozMQ4wDAYDVQQIDAVlYXJ0aDEVMBMGA1UEBwwMc29s
+YXIgc3lzdGVtMRMwEQYDVQQKDApteWxhbiBjb3JwMS0wKwYDVQQLDCR0aGUgbWFp
+biBhbmQgb25seSB1bml0IG9mIG15bGFuIGNvcnAxFTATBgNVBAMMDG15bGFuIChj
+b3JwKTEsMCoGCSqGSIb3DQEJARYdbXlsYW5AbWNvbG9ubmEuNDIuZnIgcHJvYmFi
+bHkwIBcNMjUwNDAyMTUxMTQwWhgPMjEyNTAzMDkxNTExNDBaMIG9MQswCQYDVQQG
+EwI6MzEOMAwGA1UECAwFZWFydGgxFTATBgNVBAcMDHNvbGFyIHN5c3RlbTETMBEG
+A1UECgwKbXlsYW4gY29ycDEtMCsGA1UECwwkdGhlIG1haW4gYW5kIG9ubHkgdW5p
+dCBvZiBteWxhbiBjb3JwMRUwEwYDVQQDDAxteWxhbiAoY29ycCkxLDAqBgkqhkiG
+9w0BCQEWHW15bGFuQG1jb2xvbm5hLjQyLmZyIHByb2JhYmx5MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAtTDajPzwjjzdLnPXSAhjJKNcWJbHwMYztUQJ
+1FHPA6wrLMXpjxptbSlwtJCFExpnKZDJmYPK5hA07r6jYVqL1XVXREjEUbJzJ2H7
+JdAu+0/RT85WfImENqDGlVkogH4Mcp/rq/0vcrmHsUfi/dKVlb2ESVuO2cDoDfaQ
+6GNDTLLlCMPBkdUkeLgABTQJNFiOTeI1hkcNoZWI0FV5LB+QlTYnJoRkUQEdV73F
+rKqENRKqBMr5d5EzpDUxpiYF8Y0S3GURwBXYnFz4nzInCw8ukn+deVlh7iZzHevj
+lqQqDfN47dYyG5XaPZpFoSBl6lyDiKpg+1zH54WlBxjVnBqdadsQOwbzvdMLDebp
+fP2rhAuurizIQpjsuD2QCdAka8XQwuv7GH19N3ZOjcoV47jMCZBTF2PhB1S+a4Ud
+oAOkOSyCJ8B8crzPGa3+7a06NMhGnEFSX4mxgw2RJM42atF/Zd3ERlds8hUcQsar
+QbX4HJ8+7da47mrVcKbVWux6fM4GamRUyBP80XM0BhN2Esdz8LXSH9+Lueh3cmle
+BSNMZI1T2BQBWi+Z/hrxT3Qsufc1o/yL6WR6hecH+jM6/p5Q0TzCeB2cZr3gO1eB
+r4dZ/NwYy05cwZSRAFD8zxduRBGgCbRTamFTkuTJbAymthnNvJ3Xm0VdwB8W4q5p
+XtoFaNUCAwEAAaNTMFEwHQYDVR0OBBYEFPpKGyjeoaBrRvUK7DGX91sfsC8aMB8G
+A1UdIwQYMBaAFPpKGyjeoaBrRvUK7DGX91sfsC8aMA8GA1UdEwEB/wQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggIBAAo/jDALZz0VbafsC/PTNE9jP3IofCcBmSDmjBub
+RR9gArgKhlBORXQCE3phFpKGBrYy28LShykHBf6ZXsKFmdgjGkAqL0ouVsBSzgZU
+tGjQrnY4sh1jCYi3Qe7L/bkgXi8Oyhi0u54dslsnN9Nr5BujJXauDRiiO5o8ZjUz
+JJCJZk9OmbzyEXwm9JhgRUAzG7D8FKTsy7s8AWkj+ibb/0WasSwaDJkgQo6ndUv7
+mMYxS/2Gc1HF8R5wkmGXiaU1SIIPIgNUj4E5weCcGqwBkiQ9I8TwW8d4MbSSeIoK
+o6PS85cZsDYrEbm0qShpbhBdKUSdzoxDgAv0ZbQ7j7CbkuuB6Ad007NhGxogkTIy
+uC5eoUdrEJ2zelC7PX4d51EvIPjXhD+YAtrgmub1dkmApEUP/yDojY9GdQpEm58P
+x+NF548BK7U2PxIKPqWqEwymTkd0X4haBV7JZXgwcGulSdVpcSBVYLVQHOF3AzvP
+/c7q66YodFvsUBWvjCAgVc2vRYmhchogGm1wuk4g1EO8MPnui4ySMy7d81pqS0rm
+3183PN+nGtl+yTsjtcp/qrWc/CyP2V7EpcUQrLHiqzpTYJeYZPmSsfVZdfZlfef0
+hVhO47vIOLGDXsCM1ymZYm/Y+dk5Rjfin7prMf0ZK9YqH7magqWH9yE+JbV6nZG8
+N7cI
+-----END CERTIFICATE-----