Support SSL

3 years ago · c8bdf0e35a
5 changed files with 55 additions and 0 deletions
--- a/offline_deployment/README.md
+++ b/offline_deployment/README.md
@ -0,0 +1,23 @@
 # Doccano Offline Deployment
 ## Use Case
 These offline deployment scripts are suited for deploying Doccano on an airgaped Ubuntu 18.04/20.04 virtual machine (VM 2) with no internet connectivity.
 The preparation requires another machine (VM 1) with internet access and `docker`/`docker-compose` preinstalled and running the same Ubuntu distribution as VM 2.  
 The focus is primarily on the `docker-compose`-based production deployment.
 ## Setup Steps
 Run the following steps on VM 1:  
 1. Clone this repository  
 2. Run the scripts `offline_01_*.sh` in ascending order  
   Skip OR modify and run the script `offline_01_1_2-optional_use_https`  
 Now, move over to VM 2  
 3. Copy the repository folder to VM 2  
 4. Run the scripts `offline_02_*.sh` in ascending order  
 5. Make minor changes on `docker-compose.prod.yml` to change the admin credentials  
 6. Run `docker-compose -f docker-compose.prod.yml up` or use the script `offline_03_*.sh`  
--- a/offline_deployment/offline_01_1_1-download_assets.sh
+++ b/offline_deployment/offline_01_1_1-download_assets.sh
--- a/offline_deployment/offline_01_1_2-optional_use_https.sh
+++ b/offline_deployment/offline_01_1_2-optional_use_https.sh
@ -0,0 +1,28 @@
 #!/usr/bin/env bash
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 cd $DIR
 cd ..
 unset DIR
 # create certificate pair
 sudo apt-get install openssl
 openssl req -new -newkey rsa:4096 -sha256 -nodes -x509 -keyout ./nginx/cert.key -out ./nginx/cert.crt \
   -subj "/C=DE/ST=Bayern/L=Augsburg/O=Universität Augsburg/OU=Misit/CN=*.informatik.uni-augsburg.de"
 # define cert paths inside container
 $ssl_cert="/certs/cert.crt"
 $ssl_cert_key="/certs/cert.key"
 # edit nginx.conf
 sed -i "s|listen 80;|listen 443 ssl;\n    ssl_certificate $ssl_cert;\n    ssl_certificate_key $ssl_cert_key;|g" nginx/nginx.conf
 # edit nginx Dockerfile
 echo "RUN mkdir -p /certs/"                  >> nginx/Dockerfile
 echo "COPY ./nginx/cert.key /certs/cert.key" >> nginx/Dockerfile
 echo "COPY ./nginx/cert.crt /certs/cert.crt" >> nginx/Dockerfile
 # edit published port
 sed -i "s|- 80:80|- 443:443|g" docker-compose.prod.yml
 echo "Switched to HTTPS"
--- a/offline_deployment/offline_01_2-extract_Docker_images.sh
+++ b/offline_deployment/offline_01_2-extract_Docker_images.sh
@ -4,6 +4,10 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 cd $DIR
 unset DIR
 # WORKAROUND: Downgrade docker-compose version to match Ubuntu 18.04 default compose package
 echo "Patching docker-compose to match Ubuntu 18.04 compose package"
 sed -i 's|version: "3.7"|version: "3.3"|g' ../docker-compose.prod.yml
 sed -i 's^dockerfile: app/Dockerfile.prod^dockerfile: app/Dockerfile.prod\n    image: doccano-app:custom^g' ../docker-compose.prod.yml
 sed -i 's^dockerfile: nginx/Dockerfile^dockerfile: nginx/Dockerfile\n    image: doccano-nginx:custom^g'     ../docker-compose.prod.yml
--- a/offline_deployment/offline_01_3-download_APT_packages.sh
+++ b/offline_deployment/offline_01_3-download_APT_packages.sh