avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-01-11 02:11:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

trusted proxies

Browse Source
This commit is contained in:
Alexandre
2024-07-27 09:54:11 +02:00
parent 809144d3ce
commit a3ec318891
3 changed files with 50 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
fireflyiii/config.json
View File

@@ -82,10 +82,12 @@
"silent": "true" "silent": "true"
}, },
"ports": { "ports": {
"8080/tcp": 3473 "8080/tcp": 3473,
"8443/tcp": null
}, },
"ports_description": { "ports_description": {
"8080/tcp": "web interface" "8080/tcp": "web interface",
"8443/tcp": "ssl web interface"
}, },
"schema": { "schema": {
"APP_KEY": "str", "APP_KEY": "str",
@@ -97,7 +99,10 @@
"DB_PORT": "str?", "DB_PORT": "str?",
"DB_USERNAME": "str?", "DB_USERNAME": "str?",
"Updates": "list(|hourly|daily|weekly)?", "Updates": "list(|hourly|daily|weekly)?",
"silent": "bool?" "keyfile": "str",
"certfile": "str",
"silent": "bool?",
"ssl": "bool"
}, },
"services": [ "services": [
"mysql:want" "mysql:want"
@@ -106,6 +111,6 @@
"startup": "services", "startup": "services",
"udev": true, "udev": true,
"url": "https://github.com/alexbelgium/hassio-addons", "url": "https://github.com/alexbelgium/hassio-addons",
"version": "6.1.19", "version": "6.1.18-2",
"webui": "[PROTO:ssl]://[HOST]:[PORT:8080]" "webui": "[PROTO:ssl]://[HOST]:[PORT:8080]"
} }

30
fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh Normal file
View File

@@ -0,0 +1,30 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
set -e
###############
# SSL SETTING #
###############
declare port
declare certfile
declare keyfile
# Ssl values
if bashio::config.true 'ssl'; then
echo "Defining ssl configuration"
bashio::config.require.ssl
certfile=$(bashio::config 'certfile')
keyfile=$(bashio::config 'keyfile')
#Check if files exist
echo "... checking if referenced certificates exist"
[ ! -f /ssl/"$certfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$certfile not found" && bashio::exit.nok
[ ! -f /ssl/"$keyfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$keyfile not found" && bashio::exit.nok
sed -i "/proxy_params.conf/a ssl_certificate /ssl/$certfile;" /etc/nginx/servers/ssl.conf
sed -i "/proxy_params.conf/a ssl_certificate_key /ssl/$keyfile;" /etc/nginx/servers/ssl.conf
bashio::log.info "Ssl enabled, please use https for connection. UI is at https://YOURIP:$(bashio::addon.port 2342)"
else
rm -r /etc/nginx/servers/ssl.conf
fi

17
fireflyiii/rootfs/etc/nginx/servers/ingress.conf → fireflyiii/rootfs/etc/nginx/servers/ssl.conf
View File

@@ -1,14 +1,21 @@
server { server {
listen %%interface%%:%%port%% default_server; listen 8443;
include /etc/nginx/includes/server_params.conf; include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf; include /etc/nginx/includes/proxy_params.conf;
ssl_certificate /ssl/%%certfile%%;
ssl_certificate_key /ssl/%%keyfile%%;
client_max_body_size 0; client_max_body_size 0;
location / { root /var/www/firefly-iii/public/;
root /var/www/firefly-iii/public/;
} index index.html;
location / {
root /var/www/firefly-iii/public/;
}
location ~* \.php(?:$|/) { location ~* \.php(?:$|/) {
include snippets/fastcgi-php.conf; include snippets/fastcgi-php.conf;
@@ -17,5 +24,3 @@ server {
fastcgi_pass unix:/run/php/php8.0-fpm.sock; fastcgi_pass unix:/run/php/php8.0-fpm.sock;
} }
} }