From 550a7516bb2e1581beb1863d8549708cdfcbb976 Mon Sep 17 00:00:00 2001 From: "Denis V. Dedkov" Date: Mon, 4 Dec 2023 17:52:55 +0300 Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?= =?UTF-8?q?=D0=BD=20ssl=20=D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA?= =?UTF-8?q?=D0=B0=D1=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 +- beerlog-srv.py | 12 ++++++++++-- docker-compose.yml | 2 ++ 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 72394aa..9a03ae4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,7 @@ COPY beerlog-srv.py . COPY routes.py . COPY storage.py . -ARG BEERLOG_PORT +ARG BEERLOG_PORT BEERLOG_HOST ENV BEERLOG_PORT $BEERLOG_PORT EXPOSE $BEERLOG_PORT CMD ["python", "./beerlog-srv.py"] diff --git a/beerlog-srv.py b/beerlog-srv.py index ddeb88a..4bed690 100644 --- a/beerlog-srv.py +++ b/beerlog-srv.py @@ -2,6 +2,7 @@ import asyncio import websockets +import ssl import json import sys import os @@ -10,7 +11,6 @@ from routes import Routes routes = Routes() - class UserInfoProtocol(websockets.BasicAuthWebSocketServerProtocol): async def check_credentials(self, username, password): all_users = routes.users() @@ -32,10 +32,18 @@ async def handle(websocket): async def main(): + ssl_context = None + pem = "/cert/live/beerlog.ddns.net/fullchain.pem" + key = "/cert/live/beerlog.ddns.net/privkey.pem" + if os.path.exists(pem): + print(f"Start with {pem}", file=sys.stderr) + ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER) + ssl_context.load_cert_chain(pem, keyfile=key) + port = os.environ.get("BEERLOG_PORT", 8000) host = os.environ.get("BEERLOG_HOST", "0.0.0.0") print(f"Start on {host}:{port}", file=sys.stderr) - async with websockets.serve(handle, host, port, create_protocol=UserInfoProtocol): + async with websockets.serve(handle, host, port, ssl=ssl_context, create_protocol=UserInfoProtocol): await asyncio.Future() 
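Review bot: `BEERLOG_HOST` is declared on the changed `ARG` line, but the hunk shows no matching `ENV`, so the build argument never reaches the running container. Unless the compose file sets the variable at run time, `os.environ.get("BEERLOG_HOST", "0.0.0.0")` in beerlog-srv.py keeps binding every interface. Several names on one `ARG` line are also, as far as I know, rejected by the legacy non-BuildKit builder. Separate lines are safer: `ARG BEERLOG_PORT`, `ARG BEERLOG_HOST`, then `ENV BEERLOG_HOST $BEERLOG_HOST`.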
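Review bot: When `/cert/live/beerlog.ddns.net/fullchain.pem` is absent, `main()` leaves `ssl_context = None` and `websockets.serve(...)` starts in plaintext, so the Basic-auth credentials checked by `UserInfoProtocol` travel unencrypted with nothing in the log to say so. A missing volume mount or a broken certificate path would silently downgrade the production service. Consider failing closed with an `else:` branch such as `sys.exit(f"{pem} not found; refusing to serve Basic auth without TLS")`, or at least print an explicit warning if plaintext is intended for the dev service. Only the certificate path is tested with `os.path.exists`, and the context is loaded once at start-up, so a renewed Let's Encrypt certificate takes effect only after a restart; a short comment next to `load_cert_chain` should say so.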
diff --git a/docker-compose.yml b/docker-compose.yml index 1059ae7..326f135 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,6 +11,7 @@ services: network: host volumes: - ./storage-dev:/storage/ + - /etc/letsencrypt/:/cert/ ports: - 8000:8000 beerlog-srv-prod: @@ -23,6 +24,7 @@ services: network: host volumes: - ./storage-prod:/storage/ + - /etc/letsencrypt/:/cert/ ports: - 8080:8080
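Review bot: Both added volume lines (the dev service at `@@ -11,6 +11,7 @@` and the prod service at `@@ -23,6 +24,7 @@`) bind-mount the whole of `/etc/letsencrypt/` read-write. That exposes every certificate private key and the ACME account data on the host to each container, and a compromised container could modify them. The server only reads `fullchain.pem` and `privkey.pem`, so the mount should at least be read-only: `- /etc/letsencrypt/:/cert/:ro`. Narrowing it to one domain needs both `live/` and `archive/`, because the files under `live/` are symlinks into `archive/`. The dev service probably should not receive the production key at all.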