forked from mirrors/mattermost-docker
rename cert and key to a more generic name
This commit is contained in:
parent
c01879ab68
commit
f39bb20443
@ -19,9 +19,9 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ${NGINX_MATTERMOST_CONFIG}:/etc/nginx/conf.d/mattermost.conf:ro
|
- ${NGINX_MATTERMOST_CONFIG}:/etc/nginx/conf.d/mattermost.conf:ro
|
||||||
- ${LETSENCRYPT_FULLCHAIN_PATH}:/fullchain.pem:ro
|
|
||||||
- ${LETSENCRYPT_PRIVKEY_PATH}:/privkey.pem:ro
|
|
||||||
- ${NGINX_DHPARAMS_FILE}:/dhparams4096.pem
|
- ${NGINX_DHPARAMS_FILE}:/dhparams4096.pem
|
||||||
|
- ${CERT_PATH}:/cert.pem:ro
|
||||||
|
- ${KEY_PATH}:/key.pem:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
ports:
|
ports:
|
||||||
- ${HTTPS_PORT}:443
|
- ${HTTPS_PORT}:443
|
||||||
|
@ -15,9 +15,11 @@ POSTGRES_DATA_PATH=./data/postgres # relative paths will work but absolute are
|
|||||||
## Inside the container the uid and gid is 101. The folder owner can be set with
|
## Inside the container the uid and gid is 101. The folder owner can be set with
|
||||||
## `sudo chown -R 101:101 ./data/mattermost`.
|
## `sudo chown -R 101:101 ./data/mattermost`.
|
||||||
NGINX_MATTERMOST_CONFIG=./nginx/mattermost.conf
|
NGINX_MATTERMOST_CONFIG=./nginx/mattermost.conf
|
||||||
LETSENCRYPT_FULLCHAIN_PATH=./certs/fullchain.pem
|
|
||||||
LETSENCRYPT_PRIVKEY_PATH=./certs/privkey.pem
|
|
||||||
NGINX_DHPARAMS_FILE=./nginx/dhparams4096.pem
|
NGINX_DHPARAMS_FILE=./nginx/dhparams4096.pem
|
||||||
|
|
||||||
|
CERT_PATH=./certs/fullchain.pem
|
||||||
|
KEY_PATH=./certs/privkey.pem
|
||||||
|
|
||||||
## Exposed ports to the host. Inside the container 80 and 443 will be used
|
## Exposed ports to the host. Inside the container 80 and 443 will be used
|
||||||
HTTPS_PORT=443
|
HTTPS_PORT=443
|
||||||
HTTP_PORT=80
|
HTTP_PORT=80
|
||||||
|
@ -38,8 +38,8 @@ server {
|
|||||||
ssl_prefer_server_ciphers off;
|
ssl_prefer_server_ciphers off;
|
||||||
|
|
||||||
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
|
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
|
||||||
ssl_certificate /fullchain.pem;
|
ssl_certificate /cert.pem;
|
||||||
ssl_certificate_key /privkey.pem;
|
ssl_certificate_key /key.pem;
|
||||||
|
|
||||||
# OCSP stapling
|
# OCSP stapling
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
|
Loading…
Reference in New Issue
Block a user