From 7a3dca3ac3087adc6f297abea7404192f36d848d Mon Sep 17 00:00:00 2001 From: James Stevens Date: Wed, 22 Jan 2020 11:56:22 +0000 Subject: [PATCH] Simplfy option of running as HTTPS --- Dockerfile | 4 ++-- Dockerfile_ssl | 14 -------------- README.md | 22 +++++++++++++++------- dkmk_ssl | 3 --- dkrun_ssl | 9 --------- nginx.conf => nginx_dnsflsk.conf | 0 nginx_ssl.conf => nginx_dnsflsk_ssl.conf | 0 start_nginx | 9 ++++++++- 8 files changed, 25 insertions(+), 36 deletions(-) delete mode 100644 Dockerfile_ssl delete mode 100755 dkmk_ssl delete mode 100755 dkrun_ssl rename nginx.conf => nginx_dnsflsk.conf (100%) rename nginx_ssl.conf => nginx_dnsflsk_ssl.conf (100%) diff --git a/Dockerfile b/Dockerfile index 2d5c47a..71970ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ -FROM jamesstevens/mini-slack142-py38-nginx:v1.0 +FROM jamesstevens/mini-slack142-py38-nginx:v1.3 COPY *.py /app/ COPY start_wsgi /app/ COPY start_nginx /app/ -COPY nginx.conf /usr/local/nginx/conf/dnsflsk.conf +COPY nginx_dnsflsk.conf nginx_dnsflsk_ssl.conf cert.* /usr/local/nginx/conf/ COPY inittab /etc/inittab RUN pip install --upgrade pip diff --git a/Dockerfile_ssl b/Dockerfile_ssl deleted file mode 100644 index 692dfd0..0000000 --- a/Dockerfile_ssl +++ /dev/null @@ -1,14 +0,0 @@ -FROM jamesstevens/mini-slack142-py38-nginx:v1.0 - -COPY *.py /app/ -COPY start_wsgi /app/ -COPY start_nginx /app/ -COPY nginx_ssl.conf /usr/local/nginx/conf/dnsflsk.conf -COPY inittab /etc/inittab -COPY cert.pem /usr/local/nginx/conf/cert.pem - -RUN pip install --upgrade pip -RUN pip install gunicorn -RUN pip install Flask -RUN pip install dnspython -RUN python -m compileall /app/ diff --git a/README.md b/README.md index 493a4c8..27207d0 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Each server can be specified as either a name or IPv4 address. Names will be res If you do not specify a `servers` option, it will default to `8.8.8.8,8.8.4.4` (Google). When more than one server is specified, your query will be sent to all the `servers`, and the -response you get will be the first one received (as speciifed in the `Responder` property. +response you get will be the first one received (as specified in the `Responder` property. # Additional Properties @@ -58,7 +58,7 @@ e.g. $ curl 'http://127.0.0.1:5000/dns/api/v1.0/resolv?name=www.google.com' ``` -Note: This form of executaion is not suitable for production use, see below. +Note: This form of execution is not suitable for production use, see below. You can also test out just the resolver code, using the command line utility `cmdresolv.py`. The only required parameter is `-n `. @@ -143,13 +143,13 @@ that has `nginx` and `Python` in it, and then created an application container t All you need to do is * Have a current `docker` platform :) -* Run `docker pull jamesstevens/mini-slack142-py38-nginx:v1.0` to get the base container (optional) -* Run `docker image build -t dnsflsk .` to build the application container (must be run in a directory containing a clone of this project) -* Run `docker run -p 800:800 --tmpfs=/ram dnsflsk /bin/init` to run it +* Run `docker pull jamesstevens/mini-slack142-py38-nginx:vX.X` (where X.X is the latest version) to get the base container (optional) +* Run `./dkmk` to build the application container (must be run in a directory containing a clone of this project) +* Run `./dkrun init` to run it, you can also use `./dkrun sh` to shell into the container. This will run `dnsflsk` (under `gunicorn`) and `nginx` under the very basic, but still very good, supervisor program `sysvinit` -If you add `-t` after the `run` you will get some commentary. It should look something like this... +You should get some commentary like this... ``` INIT: version 2.88 booting INIT: Entering runlevel: 3 @@ -165,7 +165,15 @@ $ curl 'http://127.0.0.1:800/dns/api/v1.0/resolv?name=www.google.com' ``` You can also test the container by running `/bin/sh` instead, then running `/app/cmdresolv.py -n www.google.com` from the container's shell. -You can, of course, also (instead) invoke `cmdresolv.py` directly from the `docker run` command. +You can, of course, also (instead) invoke `cmdresolv.py` directly from a `docker run` command. I've provided the one-line shell scripts `dkmk` to build the app container and `dkrun ` to run the container, where `` will probably be either `sh` to get a shell in the container or `init` to run `sysvinit` to start the application. + +If you want to run `nginx` in the container as an `HTTPS` instead of an `HTTP` server, then all you need to do is copy a file called `cert.pem` into this +directory **before** you build the container. The file will then be copied into the `nginx/conf` directory and used by the `start_nginx` script. + +The `cert.pem` file must contain **both** the private key and the certificate. For example ... +``` +cat /opt/daemon/keys/letsencrypt/cert.pem /opt/daemon/keys/letsencrypt/privkey.pem > cert.pem +``` \ No newline at end of file diff --git a/dkmk_ssl b/dkmk_ssl deleted file mode 100755 index 7d8634d..0000000 --- a/dkmk_ssl +++ /dev/null @@ -1,3 +0,0 @@ -#! /bin/bash - -docker image build -f Dockerfile_ssl -t dnsflsk_ssl . diff --git a/dkrun_ssl b/dkrun_ssl deleted file mode 100755 index 80ab5ff..0000000 --- a/dkrun_ssl +++ /dev/null @@ -1,9 +0,0 @@ -#! /bin/sh - -if test -z "$1" - then - echo 'Usage: $0 <- probably "sh" or "init"' - exit 1 - fi - -docker run --read-only -it -p 800:800 --tmpfs=/ram dnsflsk_ssl /bin/$1 diff --git a/nginx.conf b/nginx_dnsflsk.conf similarity index 100% rename from nginx.conf rename to nginx_dnsflsk.conf diff --git a/nginx_ssl.conf b/nginx_dnsflsk_ssl.conf similarity index 100% rename from nginx_ssl.conf rename to nginx_dnsflsk_ssl.conf diff --git a/start_nginx b/start_nginx index 936a70f..fac5fcd 100755 --- a/start_nginx +++ b/start_nginx @@ -12,4 +12,11 @@ chmod 700 ${dirs} opts="daemon off;" -exec /usr/local/nginx/sbin/nginx -c conf/dnsflsk.conf -g "${opts}" +if test -f /usr/local/nginx/conf/cert.pem + then + conf="nginx_dnsflsk_ssl.conf" + else + conf="nginx_dnsflsk.conf" + fi + +exec /usr/local/nginx/sbin/nginx -c conf/${conf} -g "${opts}"