From 28283f2c8c4d42e2831b112f1d9f823938dadaa0 Mon Sep 17 00:00:00 2001 From: ldeluigi <44567586+ldeluigi@users.noreply.github.com> Date: Thu, 2 Mar 2023 20:50:08 +0100 Subject: [PATCH] Hardcode let'sencrypt path to avoid problems with docker volumes and renewal --- .github/workflows/ci.yml | 1 - backend/docker-compose.ssl.yml | 2 +- backend/nginx/ssl.conf | 4 ++-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e5106ccb..607ecbf2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -77,7 +77,6 @@ jobs: SECRET_KEY: ${{ secrets.ENV_SECRET_KEY }} DB_USER: ${{ secrets.ENV_DB_USER }} DB_PASSWORD: ${{ secrets.ENV_DB_PASSWORD }} - SSL_CERTIFICATE_LOCATION: ${{ secrets.ENV_SSL_CERTIFICATE_LOCATION }} AWS_S3_ACCESS_KEY_ID: ${{ secrets.ENV_AWS_S3_ACCESS_KEY_ID }} AWS_S3_SECRET_ACCESS_KEY: ${{ secrets.ENV_AWS_S3_SECRET_ACCESS_KEY }} AWS_S3_REGION: ${{ secrets.ENV_AWS_S3_REGION }} diff --git a/backend/docker-compose.ssl.yml b/backend/docker-compose.ssl.yml index 95e31ca3..1482011f 100644 --- a/backend/docker-compose.ssl.yml +++ b/backend/docker-compose.ssl.yml @@ -9,6 +9,6 @@ services: target: ssl image: spellbook-nginx-ssl volumes: - - ${SSL_CERTIFICATE_LOCATION:?}:/etc/nginx/ssl/:ro + - /etc/letsencrypt/:/etc/letsencrypt/:ro ports: - 443:443 diff --git a/backend/nginx/ssl.conf b/backend/nginx/ssl.conf index 698c28d1..2aa426bb 100644 --- a/backend/nginx/ssl.conf +++ b/backend/nginx/ssl.conf @@ -1,8 +1,8 @@ listen 443 ssl http2; listen [::]:443 ssl http2; server_name backend.commanderspellbook.com; -ssl_certificate /etc/nginx/ssl/fullchain.pem; -ssl_certificate_key /etc/nginx/ssl/privkey.pem; +ssl_certificate /etc/letsencrypt/live/backend.commanderspellbook.com/fullchain.pem; +ssl_certificate_key /etc/letsencrypt/live/backend.commanderspellbook.com/privkey.pem; if ($scheme = http) { return 301 https://$server_name$request_uri;