diff --git a/api/src/Kurs.Platform.HttpApi.Host/appsettings.json b/api/src/Kurs.Platform.HttpApi.Host/appsettings.json index e66ea7c7..0f735040 100644 --- a/api/src/Kurs.Platform.HttpApi.Host/appsettings.json +++ b/api/src/Kurs.Platform.HttpApi.Host/appsettings.json @@ -4,8 +4,8 @@ "ClientUrl": "http://localhost:3000", "CorsOrigins": "http://localhost,http://localhost:3000,http://localhost:3003,http://localhost:4200,http://localhost:5173", "RedirectAllowedUrls": "http://localhost:4200,http://localhost:4200/authentication/callback", - "AttachmentsPath": "C:\\Private\\Projects\\kurs-platform\\configs\\mail-queue\\attachments", - "CdnPath": "C:\\Private\\Projects\\kurs-platform\\configs\\docker\\data\\cdn", + "AttachmentsPath": "C:\\Private\\Projects\\sozsoft\\configs\\mail-queue\\attachments", + "CdnPath": "C:\\Private\\Projects\\sozsoft\\configs\\docker\\data\\cdn", "Version": "1.0.4" }, "ConnectionStrings": { diff --git a/configs/deployment/configs/nginx.conf b/configs/deployment/configs/nginx.conf index e7255be2..da600129 100644 --- a/configs/deployment/configs/nginx.conf +++ b/configs/deployment/configs/nginx.conf @@ -63,6 +63,17 @@ server { } } +# www'den sozsoft.com yönlendirme +server { + listen 443 ssl http2; + server_name www.sozsoft.com; + + ssl_certificate /etc/ssl/sozsoft.com/cert1.pem; + ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem; + + return 301 https://sozsoft.com$request_uri; +} + # sozsoft.com server { listen 443 ssl http2; @@ -115,10 +126,10 @@ server { } } -# *.sozsoft.com +# kurs.sozsoft.com server { listen 443 ssl http2; - server_name *.sozsoft.com; + server_name kurs.sozsoft.com; ssl_certificate /etc/ssl/sozsoft.com/cert1.pem; ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem; @@ -132,3 +143,21 @@ server { include /etc/nginx/proxy_params; } } + +# demo.sozsoft.com +server { + listen 443 ssl http2; + server_name demo.sozsoft.com; + + ssl_certificate /etc/ssl/sozsoft.com/cert1.pem; + ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem; + + underscores_in_headers on; + ignore_invalid_headers off; + large_client_header_buffers 4 16k; + + location / { + proxy_pass http://127.0.0.1:3002; # ← PORT belirtildi + include /etc/nginx/proxy_params; + } +} \ No newline at end of file diff --git a/configs/deployment/scripts/7-setup_ssl.sh b/configs/deployment/scripts/7-setup_ssl.sh new file mode 100644 index 00000000..a1772ef1 --- /dev/null +++ b/configs/deployment/scripts/7-setup_ssl.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +# Gerekli paketlerin ve certbot'un kurulu olup olmadığını kontrol et +if ! command -v certbot &> /dev/null +then + echo "Certbot yüklü değil. Kuruluyor..." + sudo apt update + sudo apt install -y certbot python3-certbot-nginx +else + echo "Certbot zaten yüklü." +fi + +# Subdomain listesi +SUBDOMAINS=( + "devops.sozsoft.com" + "chat.sozsoft.com" + "ai.sozsoft.com" + "kurs-api.sozsoft.com" + "kurs-cdn.sozsoft.com" + "sozsoft.com" + "www.sozsoft.com" + "kurs.sozsoft.com" + "demo.sozsoft.com" +) + +echo "Subdomain'ler için SSL sertifikaları alınıyor..." + +for DOMAIN in "${SUBDOMAINS[@]}" +do + echo "İşleniyor: $DOMAIN" + sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos -m admin@sozsoft.com --redirect +done + +echo "Yenileme zamanlayıcısı kontrol ediliyor..." +if ! systemctl list-timers | grep -q certbot +then + echo "Certbot yenileme zamanlayıcısı aktif değil, aktif ediliyor..." + sudo systemctl enable certbot.timer + sudo systemctl start certbot.timer +else + echo "Yenileme zamanlayıcısı zaten aktif." +fi + +echo "Tüm işlemler tamamlandı. Sertifikalar alındı ve otomatik yenileme ayarlandı."