trying to commit with my voyager is too complicated at the moment

2025-06-27 17:37:29 +02:00 · 2025-06-27 17:37:29 +02:00 · 4a60057513
commit 4a60057513
parent 778e1a9056
10 changed files with 130 additions and 62 deletions
--- a/srcs/requirements/nginx/Dockerfile
+++ b/srcs/requirements/nginx/Dockerfile
@ -5,13 +5,12 @@ RUN apk add nginx openssl bash

 RUN mkdir -p /run/nginx /etc/nginx/ssl

+RUN rm -rf /var/www/html;
 COPY conf/nginx.conf /etc/nginx/nginx.conf
 COPY tools/generate_ssl_certificate.sh /usr/bin/generate_ssl_certificate

 RUN chmod +x /usr/bin/generate_ssl_certificate

-RUN /usr/bin/generate_ssl_certificate
-
 EXPOSE 443

-CMD ["nginx", "-g", "daemon off;"]
+CMD ["generate_ssl_certificate"]
--- a/srcs/requirements/nginx/conf/nginx.conf
+++ b/srcs/requirements/nginx/conf/nginx.conf
@ -1,16 +1,52 @@
+# /etc/nginx/nginx.conf
+# disable daemonization
+daemon off;
+# basically the default config. stolen from the container before overriting
+error_log stderr info;
+pcre_jit on;
+# user wordpress;
+worker_processes auto;
+events {
+    worker_connections 1024;
+}
 http {
-	server {
-		listen 443 ssl;
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    server_tokens off;
+    client_max_body_size 1m;
+    sendfile on;
+    tcp_nopush on;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:2m;
+    ssl_session_timeout 1h;
+    ssl_session_tickets off;
+    gzip_vary on;
+    
+    map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+    }
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+            '$status $body_bytes_sent "$http_referer" '
+            '"$http_user_agent" "$http_x_forwarded_for"';
+    access_log stderr;
+    # end of default server
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        server_name rparodi.42.fr;

-		ssl_protocols TLSv1.2 TLSv1.3;
 		ssl_certificate /etc/nginx/ssl/nginx.crt;
 		ssl_certificate_key /etc/nginx/ssl/nginx.key;
-
-		root /var/www/html;
-		index index.html;
-
-		location / {
-			try_files $uri $uri/ =404;
-		}
-	}
+        ssl_protocols TLSv1.3;
+        index index.php;
+        root /var/www/html;
+        location ~ [^/]\.php(/|$) {
+            try_files $uri =404;
+            include fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass wordpress:9000;
+        }
+    }
 }
--- a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh
+++ b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh
@ -1,14 +1,7 @@
 #!/usr/bin/env bash

-GREEN = \033[32m
-GREY = \033[0;90m
-RED = \033[0;31m
-GOLD = \033[38;5;220m
-END = \033[0m
-
 if [ ! -f "$CERT_DIR/nginx.key" ]; then
-	@printf '$GREYGenerating the ssl$GREEN Certificate$END\n';
-	openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=$DOMAIN"
-else
-	@printf '$GREYGenerating the ssl certificate$RED already exist$END\n';
+	openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=rparodi.42.fr"
 fi
+
+exec nginx