sozsoft/erp-platform
1
0
Fork 0
Code Issues 6 Pull requests Projects 3 Releases Packages Wiki Activity Actions

nginx ile subdomainlerin ssl otomatik hale getirildi.

Browse source
This commit is contained in:
Sedat ÖZTÜRK 2025-05-27 09:24:00 +03:00
parent d5e3c93520
commit 0d0fffc794
3 changed files with 77 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
api/src/Kurs.Platform.HttpApi.Host/appsettings.json
View file

@ -4,8 +4,8 @@
"ClientUrl": "http://localhost:3000", "ClientUrl": "http://localhost:3000",
"CorsOrigins": "http://localhost,http://localhost:3000,http://localhost:3003,http://localhost:4200,http://localhost:5173", "CorsOrigins": "http://localhost,http://localhost:3000,http://localhost:3003,http://localhost:4200,http://localhost:5173",
"RedirectAllowedUrls": "http://localhost:4200,http://localhost:4200/authentication/callback", "RedirectAllowedUrls": "http://localhost:4200,http://localhost:4200/authentication/callback",
"AttachmentsPath": "C:\\Private\\Projects\\kurs-platform\\configs\\mail-queue\\attachments", "AttachmentsPath": "C:\\Private\\Projects\\sozsoft\\configs\\mail-queue\\attachments",
"CdnPath": "C:\\Private\\Projects\\kurs-platform\\configs\\docker\\data\\cdn", "CdnPath": "C:\\Private\\Projects\\sozsoft\\configs\\docker\\data\\cdn",
"Version": "1.0.4" "Version": "1.0.4"
}, },
"ConnectionStrings": { "ConnectionStrings": {

33
configs/deployment/configs/nginx.conf
View file

@ -63,6 +63,17 @@ server {
} }
} }
# www'den sozsoft.com yönlendirme
server {
listen 443 ssl http2;
server_name www.sozsoft.com;
ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
return 301 https://sozsoft.com$request_uri;
}
# sozsoft.com # sozsoft.com
server { server {
listen 443 ssl http2; listen 443 ssl http2;
@ -115,10 +126,28 @@ server {
} }
} }
# *.sozsoft.com # kurs.sozsoft.com
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name *.sozsoft.com; server_name kurs.sozsoft.com;
ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
underscores_in_headers on;
ignore_invalid_headers off;
large_client_header_buffers 4 16k;
location / {
proxy_pass http://127.0.0.1:3002; # PORT belirtildi
include /etc/nginx/proxy_params;
}
}
# demo.sozsoft.com
server {
listen 443 ssl http2;
server_name demo.sozsoft.com;
ssl_certificate /etc/ssl/sozsoft.com/cert1.pem; ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem; ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;

44
configs/deployment/scripts/7-setup_ssl.sh Normal file
View file

@ -0,0 +1,44 @@
#!/bin/bash
# Gerekli paketlerin ve certbot'un kurulu olup olmadığını kontrol et
if ! command -v certbot &> /dev/null
then
echo "Certbot yüklü değil. Kuruluyor..."
sudo apt update
sudo apt install -y certbot python3-certbot-nginx
else
echo "Certbot zaten yüklü."
fi
# Subdomain listesi
SUBDOMAINS=(
"devops.sozsoft.com"
"chat.sozsoft.com"
"ai.sozsoft.com"
"kurs-api.sozsoft.com"
"kurs-cdn.sozsoft.com"
"sozsoft.com"
"www.sozsoft.com"
"kurs.sozsoft.com"
"demo.sozsoft.com"
)
echo "Subdomain'ler için SSL sertifikaları alınıyor..."
for DOMAIN in "${SUBDOMAINS[@]}"
do
echo "İşleniyor: $DOMAIN"
sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos -m admin@sozsoft.com --redirect
done
echo "Yenileme zamanlayıcısı kontrol ediliyor..."
if ! systemctl list-timers | grep -q certbot
then
echo "Certbot yenileme zamanlayıcısı aktif değil, aktif ediliyor..."
sudo systemctl enable certbot.timer
sudo systemctl start certbot.timer
else
echo "Yenileme zamanlayıcısı zaten aktif."
fi
echo "Tüm işlemler tamamlandı. Sertifikalar alındı ve otomatik yenileme ayarlandı."