Browse Source

jakies drobne zmiany

master
Lukasz Jarosz 6 years ago
parent
commit
02fe87463c
2 changed files with 5 additions and 2 deletions
  1. 4
    1
      README.md
  2. 1
    1
      files/usr/bin/ssl-auto-renew

+ 4
- 1
README.md View File

11
 
11
 
12
 ## SSL
12
 ## SSL
13
 Image supports using SSL with nginx which acts as reverse proxy for Gitea. It has embedded Lets Encrypt support with auto renewal. If you don't have account.key script will generate it for you.
13
 Image supports using SSL with nginx which acts as reverse proxy for Gitea. It has embedded Lets Encrypt support with auto renewal. If you don't have account.key script will generate it for you.
14
-Required files for cert are /data/ssl/cert.crt /data/ssl/cert.key . 
14
+Required files for cert are /data/ssl/cert.crt /data/ssl/cert.key .
15
+
16
+## Gitea
17
+There are a few tweaks to app.ini template. Most of them are around disabling unecessary logs and features that may lead to potentional exploit of installation.  

+ 1
- 1
files/usr/bin/ssl-auto-renew View File

5
     [[ ! -f $file ]] && exit
5
     [[ ! -f $file ]] && exit
6
   done
6
   done
7
 
7
 
8
-  python3 -m acme_tiny --account-key /data/ssl/account.key --csr /data/ssl/domain.csr --acme-dir /run/nginx/challenges > /data/ssl/cert.crt
8
+  python3 -m acme_tiny --account-key /data/ssl/account.key --csr /data/ssl/domain.csr --acme-dir /run/nginx/challenges > /tmp/cert.crt && mv /tmp/cert.crt /data/ssl/cert.crt
9
   s6-svc -du /etc/s6/nginx
9
   s6-svc -du /etc/s6/nginx
10
 fi
10
 fi

Loading…
Cancel
Save