From 8d65a840c6cc1ad9bff788c343303aeaeb72cfc0 Mon Sep 17 00:00:00 2001 From: gamvo74 Date: Wed, 25 Feb 2026 09:02:22 -0500 Subject: [PATCH] Configure production HTTPS with SSL certificates --- docker-compose.yml | 3 ++- infrastructure/nginx/conf.d/api.conf | 11 ++++++++++- infrastructure/nginx/conf.d/web.conf | 13 +++++++++++-- 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 758cd5a..be1e81f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -49,9 +49,10 @@ services: restart: always ports: - "80:80" - - "8080:8080" + - "443:443" volumes: - ./infrastructure/nginx/conf.d:/etc/nginx/conf.d + - /etc/letsencrypt:/etc/letsencrypt:ro depends_on: - api - web diff --git a/infrastructure/nginx/conf.d/api.conf b/infrastructure/nginx/conf.d/api.conf index 400bb55..bef278e 100644 --- a/infrastructure/nginx/conf.d/api.conf +++ b/infrastructure/nginx/conf.d/api.conf @@ -1,6 +1,15 @@ server { listen 80; - server_name api.proselitigant.tech localhost; + server_name api.proselitigant.tech; + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl; + server_name api.proselitigant.tech; + + ssl_certificate /etc/letsencrypt/live/proselitigant.tech/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/proselitigant.tech/privkey.pem; # Security headers add_header X-Frame-Options DENY; diff --git a/infrastructure/nginx/conf.d/web.conf b/infrastructure/nginx/conf.d/web.conf index 277c6e3..2b1243b 100644 --- a/infrastructure/nginx/conf.d/web.conf +++ b/infrastructure/nginx/conf.d/web.conf @@ -1,6 +1,15 @@ server { - listen 8080; - server_name proselitigant.tech localhost; + listen 80; + server_name proselitigant.tech; + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl; + server_name proselitigant.tech; + + ssl_certificate /etc/letsencrypt/live/proselitigant.tech/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/proselitigant.tech/privkey.pem; # Security headers add_header X-Frame-Options SAMEORIGIN;