From 908d9be87570b2d4b775fefacde7a4cf84957990 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20M=C3=A4der?=
Date: Tue, 20 Apr 2021 10:07:22 +0200
Subject: [PATCH] Use /etc/ssl/private/ instead of /root/certs/
---
 TLS.md | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/TLS.md b/TLS.md
index 0c26631..831f6f2 100644
--- a/TLS.md
+++ b/TLS.md
@@ -23,9 +23,9 @@ netbox.example.org, netbox.prod.example.org { # This line should match the ALL
 reverse_proxy netbox:8080
 encode gzip zstd
- tls /root/certs/cert.crt /root/certs/key.key
+ tls /etc/ssl/private/cert.crt /etc/ssl/private/key.key
 # or:
- # tls /root/certs/cert.pem
+ # tls /etc/ssl/private/cert.pem
 log {
 level error
@@ -44,8 +44,8 @@ services:
 depends_on:
 - netbox
 volumes:
- - ./cert.crt:/root/certs/cert.crt:ro,z
- - ./key.key:/root/certs/key.key:ro,z
+ - ./cert.crt:/etc/ssl/private/cert.crt:ro,z
+ - ./key.key:/etc/ssl/private/key.key:ro,z
 - ./Caddyfile:/etc/caddy/Caddyfile:ro
 ports:
 - 80:80 # Allows for http redirection
@@ -104,7 +104,7 @@ Use these two certificates with the setup proposed above:
 reverse_proxy netbox:8080
 encode gzip zstd
- tls /root/certs/cert.crt /root/certs/key.key
+ tls /etc/ssl/private/cert.crt /etc/ssl/private/key.key
 log {
 level error
@@ -120,14 +120,16 @@ services:
 depends_on:
 - netbox
 volumes:
- - ./localhost+2.pem:/root/certs/cert.crt:ro,z
- - ./localhost+2-key.pem:/root/certs/key.key:ro,z
+ - ./localhost+2.pem:/etc/ssl/private/cert.crt:ro,z
+ - ./localhost+2-key.pem:/etc/ssl/private/key.key:ro,z
 - ./Caddyfile:/etc/caddy/Caddyfile:ro
 ports:
 - 80:80 # Allows for http redirection
 - 443:443
 ```
+Run `docker-compose up` and then you're able to access NetBox at https://localhost.
+
 ## About _hitch_
 Originally, [hitch](https://hitch-tls.org/) was suggested to use as a TLS proxy.