Use /etc/ssl/private/ instead of /root/certs/

2024-12-03 21:38:42 +01:00 · 2021-04-20 10:07:22 +02:00 · 2021-04-20 10:07:22 +02:00 · 908d9be875
commit 908d9be875
parent 107a217829
1 changed files with 9 additions and 7 deletions
--- a/TLS.md
+++ b/TLS.md
@ -23,9 +23,9 @@ netbox.example.org, netbox.prod.example.org {   # This line should match the ALL
    reverse_proxy netbox:8080
    encode gzip zstd
    
-    tls /root/certs/cert.crt /root/certs/key.key
+    tls /etc/ssl/private/cert.crt /etc/ssl/private/key.key
    # or:
-    # tls /root/certs/cert.pem
+    # tls /etc/ssl/private/cert.pem

    log {
      level error
@ -44,8 +44,8 @@ services:
    depends_on:
      - netbox
    volumes:
-      - ./cert.crt:/root/certs/cert.crt:ro,z
-      - ./key.key:/root/certs/key.key:ro,z
+      - ./cert.crt:/etc/ssl/private/cert.crt:ro,z
+      - ./key.key:/etc/ssl/private/key.key:ro,z
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
    ports:
      - 80:80   # Allows for http redirection
@ -104,7 +104,7 @@ Use these two certificates with the setup proposed above:
    reverse_proxy netbox:8080
    encode gzip zstd
    
-    tls /root/certs/cert.crt /root/certs/key.key
+    tls /etc/ssl/private/cert.crt /etc/ssl/private/key.key

    log {
      level error
@ -120,14 +120,16 @@ services:
    depends_on:
      - netbox
    volumes:
-      - ./localhost+2.pem:/root/certs/cert.crt:ro,z
-      - ./localhost+2-key.pem:/root/certs/key.key:ro,z
+      - ./localhost+2.pem:/etc/ssl/private/cert.crt:ro,z
+      - ./localhost+2-key.pem:/etc/ssl/private/key.key:ro,z
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
    ports:
      - 80:80 # Allows for http redirection
      - 443:443
 ```

+Run `docker-compose up` and then you're able to access NetBox at https://localhost.
+
 ## About _hitch_

 Originally, [hitch](https://hitch-tls.org/) was suggested to use as a TLS proxy.