From daf794745fb8dc6dabf346eb14d6bbd79595bff1 Mon Sep 17 00:00:00 2001 From: Taylor Helsper Date: Sun, 2 Apr 2023 21:54:38 -0500 Subject: [PATCH] Add nginx service for public apps --- .../mynode/mynode_ssl_public_apps_cert.conf | 0 .../sites-enabled/https_public_apps.conf | 64 +++++++++++++++++++ rootfs/standard/usr/bin/mynode_startup.sh | 8 +++ 3 files changed, 72 insertions(+) create mode 100644 rootfs/standard/etc/nginx/mynode/mynode_ssl_public_apps_cert.conf create mode 100644 rootfs/standard/etc/nginx/sites-enabled/https_public_apps.conf diff --git a/rootfs/standard/etc/nginx/mynode/mynode_ssl_public_apps_cert.conf b/rootfs/standard/etc/nginx/mynode/mynode_ssl_public_apps_cert.conf new file mode 100644 index 00000000..e69de29b diff --git a/rootfs/standard/etc/nginx/sites-enabled/https_public_apps.conf b/rootfs/standard/etc/nginx/sites-enabled/https_public_apps.conf new file mode 100644 index 00000000..5c3ef985 --- /dev/null +++ b/rootfs/standard/etc/nginx/sites-enabled/https_public_apps.conf @@ -0,0 +1,64 @@ +server { + listen 6001 ssl; + server_name public_apps_lnbits; + + include /etc/nginx/mynode/mynode_ssl_params.conf; + + ssl_certificate /home/bitcoin/.mynode/https/public_apps.crt; + ssl_certificate_key /home/bitcoin/.mynode/https/public_apps.key; + + access_log /var/log/nginx/access_public_apps.log; + error_log /var/log/nginx/error_public_apps.log; + + location / { + proxy_pass http://127.0.0.1:5000; + + proxy_set_header Upgrade $http_upgrade; + #proxy_set_header Connection 'upgrade'; # No longer needed post v0.10 + proxy_http_version 1.1; + + include /etc/nginx/mynode/mynode_ssl_proxy_params.conf; + } +} + +server { + listen 6002 ssl; + server_name public_apps_btcpay; + + include /etc/nginx/mynode/mynode_ssl_params.conf; + + ssl_certificate /home/bitcoin/.mynode/https/public_apps.crt; + ssl_certificate_key /home/bitcoin/.mynode/https/public_apps.key; + + access_log /var/log/nginx/access_public_apps.log; + error_log /var/log/nginx/error_public_apps.log; + + location / { + proxy_pass http://127.0.0.1:49392; + + proxy_http_version 1.1; + proxy_set_header Connection "upgrade"; + proxy_set_header Upgrade $http_upgrade; + + include /etc/nginx/mynode/mynode_ssl_proxy_params.conf; + } +} + +server { + listen 6003 ssl; + server_name public_apps_lndhub; + + include /etc/nginx/mynode/mynode_ssl_params.conf; + + ssl_certificate /home/bitcoin/.mynode/https/public_apps.crt; + ssl_certificate_key /home/bitcoin/.mynode/https/public_apps.key; + + access_log /var/log/nginx/access_public_apps.log; + error_log /var/log/nginx/error_public_apps.log; + + location / { + proxy_pass http://127.0.0.1:3000; + + include /etc/nginx/mynode/mynode_ssl_proxy_params.conf; + } +} \ No newline at end of file diff --git a/rootfs/standard/usr/bin/mynode_startup.sh b/rootfs/standard/usr/bin/mynode_startup.sh index 45a3cd40..add1f52f 100755 --- a/rootfs/standard/usr/bin/mynode_startup.sh +++ b/rootfs/standard/usr/bin/mynode_startup.sh @@ -711,6 +711,14 @@ echo "Generating certificates..." /usr/bin/mynode_gen_cert.sh https 825 /usr/bin/mynode_gen_cert_electrs.sh +# Ensure copy has been made for public_apps certificate (overwritten by premium+, but needed to start nginx) +if [ ! -f /home/bitcoin/.mynode/https/public_apps.crt ]; then + cp -f /home/bitcoin/.mynode/https/myNode.local.crt /home/bitcoin/.mynode/https/public_apps.crt +fi +if [ ! -f /home/bitcoin/.mynode/https/public_apps.key ]; then + cp -f /home/bitcoin/.mynode/https/myNode.local.key /home/bitcoin/.mynode/https/public_apps.key +fi + # Setup nginx HTTPS proxy mkdir -p /var/log/nginx || true mkdir -p /etc/nginx || true