You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2020/12/16 18:54:19 UTC
[myfaces-tobago] branch master updated: enable https for
tobago-vm.apache.org
This is an automated email from the ASF dual-hosted git repository.
lofwyr pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/myfaces-tobago.git
The following commit(s) were added to refs/heads/master by this push:
new ef098c1 enable https for tobago-vm.apache.org
ef098c1 is described below
commit ef098c14836cb88e495a48589a2b9808238cd3ec
Author: Udo Schnurpfeil <ud...@irian.eu>
AuthorDate: Wed Dec 16 19:51:43 2020 +0100
enable https for tobago-vm.apache.org
---
.../tobago-vm/docker/apache-proxy/000-default.conf | 8 ++++----
.../{000-default.conf => 001-ssl.conf} | 22 ++++++++++++++--------
.../main/tobago-vm/docker/apache-proxy/Dockerfile | 15 ++++++++-------
.../src/main/tobago-vm/docker/docker-compose.yml | 2 +-
4 files changed, 27 insertions(+), 20 deletions(-)
diff --git a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf
index 608b956..71a36d6 100644
--- a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf
+++ b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf
@@ -20,11 +20,11 @@ ServerName tobago-vm.apache.org
<VirtualHost *:80>
- ServerName tobago-vm.apache.org
- ServerAdmin dev@myfaces.apache.org
+ ServerName tobago-vm.apache.org
+ ServerAdmin dev@myfaces.apache.org
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
# Permanent external links:
Redirect temp /intro.html /demo-4-release/content/10-intro/intro.xhtml
diff --git a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/001-ssl.conf
similarity index 88%
copy from tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf
copy to tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/001-ssl.conf
index 608b956..456c0a2 100644
--- a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/000-default.conf
+++ b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/001-ssl.conf
@@ -13,18 +13,24 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-ServerTokens ProductOnly
-ServerSignature Off
+MDCertificateAgreement accepted
+MDomain tobago-vm.apache.org
-ServerName tobago-vm.apache.org
+<VirtualHost *:443>
-<VirtualHost *:80>
+ ServerName tobago-vm.apache.org
+ ServerAdmin dev@myfaces.apache.org
- ServerName tobago-vm.apache.org
- ServerAdmin dev@myfaces.apache.org
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
+ SSLEngine on
+ # no certificates specification
+ SSLProtocol +TLSv1.2 +TLSv1.3
+ SSLHonorCipherOrder on
+ SSLCipherSuite 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'
+
+ Protocols h2 http/1.1 acme-tls/1
# Permanent external links:
Redirect temp /intro.html /demo-4-release/content/10-intro/intro.xhtml
diff --git a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/Dockerfile b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/Dockerfile
index 55d561e..5336410 100644
--- a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/Dockerfile
+++ b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/apache-proxy/Dockerfile
@@ -15,16 +15,18 @@
FROM debian:buster-slim
+RUN echo "deb http://deb.debian.org/debian buster-backports main" >/etc/apt/sources.list.d/buster-backports.list
+
RUN apt-get update \
&& apt-get upgrade -y \
- && apt-get install -y less vim apache2 \
+ && apt-get install -y less vim \
+ && apt-get install -y -t buster-backports apache2 \
&& apt-get clean \
- && rm -rf /var/lib/apt/lists/* \
- && a2enmod proxy proxy_http
+ && rm -rf /var/lib/apt/lists/*
+
+RUN a2enmod proxy proxy_http ssl md
-# todo: SSL
-#COPY 000-default.conf 001-ssl.conf /etc/apache2/sites-enabled/
-COPY 000-default.conf /etc/apache2/sites-enabled/
+COPY 000-default.conf 001-ssl.conf /etc/apache2/sites-enabled/
COPY *.html /var/www/html/
COPY *.css *.css.map /var/www/html/
@@ -39,4 +41,3 @@ RUN mkdir -p ${APACHE_RUN_DIR} ${APACHE_LOG_DIR}
EXPOSE 80
CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]
-
diff --git a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/docker-compose.yml b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/docker-compose.yml
index 40d7a9a..f916e12 100644
--- a/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/docker-compose.yml
+++ b/tobago-example/tobago-example-demo/src/main/tobago-vm/docker/docker-compose.yml
@@ -19,7 +19,7 @@ services:
build: apache-proxy
ports:
- "80:80"
-# todo - "443:443"
+ - "443:443"
logging:
options:
max-size: "1m"