Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
LINAGORA
L
LGS
Labs
linstt-controller
Commits
9d7581e6
Commit
9d7581e6
authored
Dec 01, 2017
by
Yoann HOUPERT
Browse files
add ssl config
parent
e2e56a75
Pipeline
#6555
failed with stage
in 22 seconds
Changes
5
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
84 additions
and
2 deletions
+84
-2
Dockerfile
Dockerfile
+2
-2
app.js
app.js
+10
-0
config.json
config.json
+1
-0
docker-compose.yml
docker-compose.yml
+1
-0
ssl/generateDockerCert.sh
ssl/generateDockerCert.sh
+70
-0
No files found.
Dockerfile
View file @
9d7581e6
FROM
node:8-slim
RUN
apt-get update
&&
apt-get
install
-y
wget
--no-install-recommends
\
&&
wget
-q
-O
- https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add -
\
&&
sh
-c
'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'
\
&&
apt-get update
\
&&
rm
-rf
/var/lib/apt/lists/
*
\
&&
apt-get purge
--auto-remove
-y
curl
\
...
...
@@ -17,4 +15,6 @@ RUN yarn install
COPY
. /usr/src/app/linstt-poc
RUN
/usr/src/app/linstt-poc/ssl/generateDockerCert.sh
CMD
["yarn", "start"]
app.js
View file @
9d7581e6
...
...
@@ -25,13 +25,23 @@ const bodyParser = require('body-parser');
const
config
=
require
(
'
./config.json
'
);
const
routes
=
require
(
'
./lib/webserver/routes
'
);
const
fs
=
require
(
'
fs
'
);
const
https
=
require
(
'
https
'
);
console
.
log
(
'
starting routes linstt-controller...
'
);
app
.
use
(
bodyParser
.
raw
({
type
:
'
audio/wav
'
,
limit
:
'
200mb
'
}));
app
.
use
(
fileUpload
());
app
.
use
(
'
/
'
,
routes
.
routesFactory
(
config
.
orchestrator
));
app
.
listen
(
config
.
api
,
()
=>
{
console
.
log
(
'
App listening on port 3000
'
);
});
https
.
createServer
({
key
:
fs
.
readFileSync
(
'
ssl/key.pem
'
),
cert
:
fs
.
readFileSync
(
'
ssl/cert.pem
'
)
},
app
).
listen
(
config
.
apiSsl
);
console
.
log
(
'
routes started linstt-controller...
'
);
config.json
View file @
9d7581e6
{
"api"
:
3000
,
"apiSsl"
:
3001
,
"orchestrator"
:
{
"gstreamer"
:
{
"host"
:
"linsttcontroller_kaldi_1"
,
...
...
docker-compose.yml
View file @
9d7581e6
...
...
@@ -12,6 +12,7 @@ services:
-
./media:/opt/media
ports
:
-
"
3000:3000"
-
"
3001:3001"
speech-enhencement
:
image
:
linagora/speech-enhencement
...
...
ssl/generateDockerCert.sh
0 → 100755
View file @
9d7581e6
#!/bin/bash
#
# Generates client and server certificates used to enable HTTPS
# remote authentication to a Docker daemon.
#
# See http://docs.docker.com/articles/https/
#
# To start the Docker Daemon:
#
# sudo docker -d \
# --tlsverify \
# --tlscacert=ca.pem \
# --tlscert=server-cert.pem \
# --tlskey=server-key.pem \
# -H=0.0.0.0:2376
#
# To connect to the Docker Daemon:
#
# sudo docker \
# --tlsverify \
# --tlscacert=ca.pem \
# --tlscert=cert.pem \
# --tlskey=key.pem \
# -H=localhost:2376 version
#
# IMPORTANT: when connecting via IP instead of hostname you
# will need to substitute --tlsverify with --tls
BASEDIR
=
$(
dirname
"
$0
"
)
echo
"
$BASEDIR
"
cd
$BASEDIR
set
-e
set
-x
DAYS
=
1460
PASS
=
$(
openssl rand
-hex
16
)
# remove certificates from previous execution.
rm
-f
*
.pem
*
.srl
*
.csr
*
.cnf
# generate CA private and public keys
echo
01
>
ca.srl
openssl genrsa
-des3
-out
ca-key.pem
-passout
pass:
$PASS
2048
openssl req
-subj
'/CN=*/'
-new
-x509
-days
$DAYS
-passin
pass:
$PASS
-key
ca-key.pem
-out
ca.pem
# create a server key and certificate signing request (CSR)
openssl genrsa
-des3
-out
server-key.pem
-passout
pass:
$PASS
2048
openssl req
-new
-key
server-key.pem
-out
server.csr
-passin
pass:
$PASS
-subj
'/CN=*/'
# sign the server key with our CA
openssl x509
-req
-days
$DAYS
-passin
pass:
$PASS
-in
server.csr
-CA
ca.pem
-CAkey
ca-key.pem
-out
server-cert.pem
# create a client key and certificate signing request (CSR)
openssl genrsa
-des3
-out
key.pem
-passout
pass:
$PASS
2048
openssl req
-subj
'/CN=client'
-new
-key
key.pem
-out
client.csr
-passin
pass:
$PASS
# create an extensions config file and sign
echo
extendedKeyUsage
=
clientAuth
>
extfile.cnf
openssl x509
-req
-days
$DAYS
-passin
pass:
$PASS
-in
client.csr
-CA
ca.pem
-CAkey
ca-key.pem
-out
cert.pem
-extfile
extfile.cnf
# remove the passphrase from the client and server key
openssl rsa
-in
server-key.pem
-out
server-key.pem
-passin
pass:
$PASS
openssl rsa
-in
key.pem
-out
key.pem
-passin
pass:
$PASS
# remove generated files that are no longer required
rm
-f
ca-key.pem ca.srl client.csr extfile.cnf server.csr
exit
0
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment