Use SSL for local dev server

Dane Everitt 2019-06-25 20:41:45 -07:00
parent 689a80103f
commit 7ecb4c314f
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
4 changed files with 51 additions and 9 deletions


@ -7,6 +7,7 @@ You'll need the following things installed on your machine.
* Vagrant
* VirtualBox
* Docker
* mkcert
You'll also need the following Vagrant plugins: `vagrant-hostmanager` and `vagrant-vbguest`

15
Vagrantfile vendored

@ -19,6 +19,7 @@ Vagrant.configure("2") do |config|
app.vm.synced_folder ".", "/vagrant", disabled: true
app.vm.network "forwarded_port", guest: 80, host: 80
app.vm.network "forwarded_port", guest: 443, host: 443
app.vm.network "forwarded_port", guest: 8080, host: 8080
app.vm.network "forwarded_port", guest: 8081, host: 8081
@ -34,12 +35,18 @@ Vagrant.configure("2") do |config|
"--add-host=daemon.pterodactyl.test:192.168.50.4",
"--add-host=wings.pterodactyl.test:192.168.50.3",
]
d.ports = ["80:80", "8080:8080", "8081:8081"]
d.ports = ["80:80", "443:443", "8080:8080", "8081:8081"]
if ENV['FILE_SYNC_METHOD'] === 'docker-sync'
d.volumes = ["panel-sync:/srv/www:nocopy"]
d.volumes = [
"panel-sync:/srv/www:nocopy",
"#{vagrant_root}/.data/certificates:/etc/ssl/private:ro"
]
else
d.volumes = ["#{vagrant_root}/code/panel:/srv/www:cached"]
d.volumes = [
"#{vagrant_root}/code/panel:/srv/www:cached",
"#{vagrant_root}/.data/certificates:/etc/ssl/private:ro"
]
end
d.remains_running = true
@ -75,6 +82,7 @@ Vagrant.configure("2") do |config|
wings.vm.synced_folder ".", "/vagrant", disabled: true
wings.vm.synced_folder "#{vagrant_root}/code/wings", "/home/vagrant/wings", owner: "vagrant", group: "vagrant"
wings.vm.synced_folder "#{vagrant_root}/.data/certificates", "/etc/ssl/private", owner: "vagrant", group: "vagrant"
wings.vm.network :private_network, ip: "192.168.50.3"
@ -87,6 +95,7 @@ Vagrant.configure("2") do |config|
daemon.vm.synced_folder ".", "/vagrant", disabled: true
daemon.vm.synced_folder "#{vagrant_root}/code/daemon", "/srv/daemon", owner: "vagrant", group: "vagrant"
daemon.vm.synced_folder "#{vagrant_root}/.data/certificates", "/etc/ssl/private", owner: "vagrant", group: "vagrant"
daemon.vm.synced_folder "#{vagrant_root}/code/sftp-server", "/home/vagrant/sftp-server", owner: "vagrant", group: "vagrant"
daemon.vm.synced_folder ".data/daemon-data", "/srv/daemon-data", create: true
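Review bot: The added `synced_folder` lines for `wings` and `daemon` share `.data/certificates`, which holds the TLS private key, read-write and owned by `vagrant`, whereas the Docker volume for the panel mounts the same directory `:ro`. Consider making the VM mounts read-only too, for example by adding `mount_options: ["ro"]` to both lines if the synced-folder type in use accepts it, so a process in the guest cannot replace or delete the host's key material. Mounting over `/etc/ssl/private` also hides whatever the guest image already keeps there; that is presumably acceptable for a dev box, but a one-line comment saying so would help. The enclosing `config.vm.define` blocks start and end outside these hunks.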


@ -1,7 +1,13 @@
server {
listen 80;
server_name pterodactyl.test;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name pterodactyl.test;
root /srv/www/public;
index index.html index.htm index.php;
charset utf-8;
@ -18,9 +24,26 @@ server {
client_max_body_size 100m;
client_body_timeout 120s;
sendfile off;
# SSL Configuration
ssl_certificate /etc/ssl/private/pterodactyl.test.pem;
ssl_certificate_key /etc/ssl/private/pterodactyl.test-key.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
@ -58,9 +81,9 @@ server {
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "same-origin" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
# . files
location ~ /\. {
deny all;
}
}
}
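Review bot: The new server-level `add_header` lines omit `always`, so nginx attaches them only to a fixed set of success and redirect status codes, and error responses go out without `X-Frame-Options` or the `frame-ancestors` policy; the three headers in the last hunk do use `always`. If those three sit inside a `location` block (the hunk does not show the enclosing braces), nginx does not inherit the server-level `add_header` set into that location at all, so those responses would lack the new headers entirely. Suggest keeping one set of headers in one place, each with `always`, e.g. `add_header X-Frame-Options DENY always;`, and dropping the duplicated `X-Content-Type-Options` and `Referrer-Policy`. `X-Frame-Options DENY` and `frame-ancestors 'self'` also disagree on same-origin framing, so pick one intent.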


@ -1,17 +1,26 @@
#!/bin/bash
currentDirectory=$(pwd)
CURRENT_DIRECTORY=$(pwd)
cd /tmp
vagrant plugin install vagrant-vbguest
vagrant plugin install vagrant-hostmanager
cd $currentDirectory
cd ${CURRENT_DIRECTORY}
git clone https://github.com/pterodactyl/panel.git code/panel
git clone https://github.com/pterodactyl/documentation.git code/documentation
git clone https://github.com/pterodactyl/wings.git code/wings
git clone https://github.com/pterodactyl/daemon.git code/daemon
git clone https://github.com/pterodactyl/sftp-server.git code/sftp-server
mkdir -p .data/certificates
mkcert -install
mkcert pterodactyl.test *.pterodactyl.test
mv *pterodactyl.test*-key.pem .data/certificates/pterodactyl.test-key.pem
mv *pterodactyl.test*.pem .data/certificates/pterodactyl.test.pem
# sudo gem install docker-sync
# docker-sync start
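Review bot: `mkcert pterodactyl.test *.pterodactyl.test` passes the wildcard name unquoted, so the shell expands it if any matching file exists in the working directory, and the two `mv` globs fail or pick the wrong file when an earlier run left `.pem` files behind. mkcert can write straight to the target paths: `mkcert -cert-file .data/certificates/pterodactyl.test.pem -key-file .data/certificates/pterodactyl.test-key.pem pterodactyl.test '*.pterodactyl.test'`. `mkcert -install` adds a local CA to the machine's trust stores, so a comment should tell developers that the CA key it creates must stay on their machine, and `.data/certificates` should be git-ignored (the ignore file is not visible here). `cd ${CURRENT_DIRECTORY}` should also be quoted as `cd "${CURRENT_DIRECTORY}"` so a path with spaces does not break the script.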