Add SSL capability #92

CHANGELOG.md

@@ -8,6 +8,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 - New PHP 7.2 image is now available on the dev tag. Please report any issues.
 
+## [19.0.0] - 2018-10-08
+
+### Added
+- Added SSL support and made it enabled by default in the nginx config. All http requests will also be forwarded to https.
+
 ## [18.1.1] - 2018-10-08
 
 ### Updated

README.md

@@ -6,7 +6,8 @@ View Dockerfiles:
 
 - [markoshust/magento-nginx (Docker Hub)](https://hub.docker.com/r/markoshust/magento-nginx/)
   - 1.13
-      - [`latest`, `1.13`, `1.13-5`](https://github.com/markoshust/docker-magento/tree/master/images/nginx/1.13)
+      - [`latest`, `1.13`, `1.13-6`](https://github.com/markoshust/docker-magento/tree/master/images/nginx/1.13)
+      - [`1.13-5`](https://github.com/markoshust/docker-magento/tree/18.1.1/images/nginx/1.13)
       - [`1.13-4`](https://github.com/markoshust/docker-magento/tree/18.0.1/images/nginx/1.13)
       - [`1.13-3`](https://github.com/markoshust/docker-magento/tree/15.0.1/images/nginx/1.13)
       - [`1.13-2`](https://github.com/markoshust/docker-magento/tree/12.0.0/images/nginx/1.13)
@@ -74,7 +75,7 @@ This configuration has been tested on Mac, Linux and Windows.
 Run this automated one-liner from the directory you want to install your project to:
 
 ```
-curl https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/onelinesetup|bash -s - mymagento.test 2.2.6
+curl -s https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/onelinesetup|bash -s - mymagento.test 2.2.6
 ```
 
 The `mymagento.test` above defines the hostname to use, and the `2.2.6` defines the Magento version to install. Note that since we need a write to `/etc/hosts` for DNS resolution, you will be prompted for your system password during setup.
@@ -87,7 +88,7 @@ Same result as the one-liner above. Just replace `mymagento` references with the
 
 ```
 # Quick setup for a new instance of Magento 2, using magento226.test as a base:
-curl https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2
+curl -s https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2
 bin/download 2.2.6
 echo "127.0.0.1 mymagento.test" | sudo tee -a /etc/hosts
 bin/start
@@ -98,7 +99,7 @@ open http://mymagento.test
 ## Setup a New Magento 2 Project
 
 1. Create the project template by going to the place you want the new project (ex. cd ~/Sites/magento2), then run
-	- `curl https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2`
+	- `curl -s https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2`
 
 2. Extract the contents of your current Magento site to the `src` folder, or download a fresh copy of the Magento source code for starting a new project with:
     - `bin/download 2.2.6`
@@ -120,7 +121,7 @@ open http://mymagento.test
 The following scripts are meant to run with Powershell. Note that the execution policy for scripts needs to be set accordingly [Execution policy](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/get-executionpolicy?view=powershell-6).
 
 1. Create the project template by going to the place you want the new project (ex. cd ~/Sites/magento2), then run
-	- `curl https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2-windows`
+	- `curl -s https://raw.githubusercontent.com/markoshust/docker-magento/master/lib/template|bash -s - magento-2-windows`
 
 2. Extract the contents of your current Magento site to the `src` folder, or download a fresh copy of the Magento source code for starting a new project with the following line. Note that the default untar command is quite slow. If you want to speed that up install [7-Zip](http://www.7-zip.org/) and add it to your PATH. The script will automatically use 7-Zip if it is available:
     - `bin/download 2.2.6`
@@ -172,7 +173,7 @@ First setup Magento Marketplace authentication (details in the [DevDocs](http://
 
 After doing so, copy the auth sample file to:
 
-- `cp ./src/auth.json.sample ./src/auth.json`
+- `cp src/auth.json.sample src/auth.json`
 
 Then update the username and password values with your Magento public and private keys, respectively.
 

compose/magento-1/docker-compose.yml

@@ -1,5 +1,5 @@
 # Mark Shust's Docker Configuration for Magento (https://github.com/markoshust/docker-magento)
-# Version 18.1.1
+# Version 19.0.0
 
 version: "3"
 
@@ -7,7 +7,8 @@ services:
   app:
     build: images/nginx
     ports:
-      - 80:8000
+      - "80:8000"
+      - "443:8443"
     links:
       - db
       - phpfpm
@@ -35,7 +36,7 @@ services:
   db:
     image: percona:5.7
     ports:
-      - 3306:3306
+      - "3306:3306"
     env_file: env/db.env
     volumes:
       - dbdata:/var/lib/mysql

compose/magento-1/images/nginx/Dockerfile

@@ -1,3 +1,3 @@
-FROM markoshust/magento-nginx:1.13-5
+FROM markoshust/magento-nginx:1.13-6
 
 COPY ./conf/default.conf /etc/nginx/conf.d/

compose/magento-1/images/nginx/conf/default.conf

@@ -4,7 +4,14 @@ upstream fastcgi_backend {
 
 server {
   listen 8000;
-  server_name localhost;
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 8443 ssl;
+
+  ssl_certificate /etc/nginx/certs/nginx.crt;
+  ssl_certificate_key /etc/nginx/certs/nginx.key;
 
   set $MAGE_ROOT /var/www/html;
   set $MAGE_IS_DEVELOPER_MODE true;

compose/magento-2-windows/bin/setup.ps1

@@ -7,7 +7,7 @@ bin/cli bin/magento setup:install `
   --db-name=magento `
   --db-user=magento `
   --db-password=magento `
-  --base-url=http://$BASE_URL/ `
+  --base-url=https://$BASE_URL/ `
   --admin-firstname=John `
   --admin-lastname=Smith `
   --admin-email=john.smith@gmail.com `

compose/magento-2-windows/docker-compose.yml

@@ -1,13 +1,14 @@
 # Mark Shust's Docker Configuration for Magento (https://github.com/markoshust/docker-magento)
-# Version 18.1.1
+# Version 19.0.0
 
 version: "3"
 
 services:
   app:
-    image: markoshust/magento-nginx:1.13-5
+    image: markoshust/magento-nginx:1.13-6
     ports:
-      - 80:8000
+      - "80:8000"
+      - "443:8443"
     links:
       - db
       - phpfpm
@@ -46,7 +47,7 @@ services:
   db:
     image: percona:5.7
     ports:
-      - 3306:3306
+      - "3306:3306"
     env_file: env/db.env
     volumes:
       - dbdata:/var/lib/mysql

compose/magento-2/bin/setup

@@ -8,7 +8,7 @@ bin/clinotty bin/magento setup:install \
   --db-name=magento \
   --db-user=magento \
   --db-password=magento \
-  --base-url=http://$BASE_URL/ \
+  --base-url=https://$BASE_URL/ \
   --admin-firstname=John \
   --admin-lastname=Smith \
   --admin-email=john.smith@gmail.com \

compose/magento-2/docker-compose.yml

@@ -1,13 +1,14 @@
 # Mark Shust's Docker Configuration for Magento (https://github.com/markoshust/docker-magento)
-# Version 18.1.1
+# Version 19.0.0
 
 version: "3"
 
 services:
   app:
-    image: markoshust/magento-nginx:1.13-5
+    image: markoshust/magento-nginx:1.13-6
     ports:
-      - 80:8000
+      - "80:8000"
+      - "443:8443"
     links:
       - db
       - phpfpm
@@ -46,7 +47,7 @@ services:
   db:
     image: percona:5.7
     ports:
-      - 3306:3306
+      - "3306:3306"
     env_file: env/db.env
     volumes:
       - dbdata:/var/lib/mysql

images/nginx/1.13/Dockerfile

@@ -5,11 +5,18 @@ RUN groupadd -g 1000 app \
  && useradd -g 1000 -u 1000 -d /var/www -s /bin/bash app
 RUN touch /var/run/nginx.pid
 RUN mkdir /sock
-RUN chown -R app:app /var/cache/nginx/ /var/run/nginx.pid /sock
+
+RUN apt-get update && apt-get install -y openssl
+RUN mkdir /etc/nginx/certs \
+  && echo -e "\n\n\n\n\n\n\n" | openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/certs/nginx.key -out /etc/nginx/certs/nginx.crt
+
+RUN chown -R app:app /etc/nginx/certs /sock /var/cache/nginx/ /var/run/nginx.pid /sock
 
 COPY ./conf/nginx.conf /etc/nginx/
 COPY ./conf/default.conf /etc/nginx/conf.d/
 
+EXPOSE 8443
+
 USER app:app
 
 VOLUME /var/www

images/nginx/1.13/conf/default.conf

@@ -4,6 +4,16 @@ upstream fastcgi_backend {
 
 server {
   listen 8000;
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 8443 ssl;
+
+  ssl_certificate /etc/nginx/certs/nginx.crt;
+  ssl_certificate_key /etc/nginx/certs/nginx.key;
+
   set $MAGE_ROOT /var/www/html;
+
   include /var/www/html/nginx.conf.sample;
 }