public-mirrors/NewsBlur-viq
1
0
Fork 0
mirror of https://github.com/viq/NewsBlur.git synced 2025-04-13 09:38:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Different ssl cert location.

Browse source
This commit is contained in:
Samuel Clay 2020-06-01 17:09:57 -04:00
parent 9bfd0a6e82
commit dbf9e838a8
4 changed files with 20 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
config/nginx.newsblur.conf
View file

@ -13,13 +13,8 @@ server {
listen 443 default_server ssl;
# ssl on;
ssl_certificate /srv/newsblur/config/certificates/newsblur.com.pem;
ssl_certificate /srv/newsblur/config/certificates/newsblur.com.crt;
ssl_certificate_key /srv/newsblur/config/certificates/newsblur.com.key;
ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_dhparam /srv/newsblur/config/certificates/dhparams.pem;
client_max_body_size 4M;
server_name www.newsblur.com newsblur.com dev.newsblur.com push.newsblur.com *.newsblur.com circularapp.com *.circularapp.com;

17
fabfile.py vendored
View file

@ -800,18 +800,29 @@ def copy_certificates():
run('mkdir -p %s' % cert_path)
put(os.path.join(env.SECRETS_PATH, 'certificates/newsblur.com.crt'), cert_path)
put(os.path.join(env.SECRETS_PATH, 'certificates/newsblur.com.key'), cert_path)
put(os.path.join(env.SECRETS_PATH, 'certificates/comodo/newsblur.com.pem'), cert_path)
put(os.path.join(env.SECRETS_PATH, 'certificates/comodo/dhparams.pem'), cert_path)
# put(os.path.join(env.SECRETS_PATH, 'certificates/comodo/newsblur.com.pem'), cert_path)
# put(os.path.join(env.SECRETS_PATH, 'certificates/comodo/dhparams.pem'), cert_path)
put(os.path.join(env.SECRETS_PATH, 'certificates/ios/aps_development.pem'), cert_path)
# openssl x509 -in aps.cer -inform DER -outform PEM -out aps.pem
put(os.path.join(env.SECRETS_PATH, 'certificates/ios/aps.pem'), cert_path)
# Export aps.p12 from aps.cer using Keychain Assistant
# openssl pkcs12 -in aps.p12 -out aps.p12.pem -nodes
put(os.path.join(env.SECRETS_PATH, 'certificates/ios/aps.p12.pem'), cert_path)
run('cat %s/newsblur.com.pem > %s/newsblur.pem' % (cert_path, cert_path))
run('cat %s/newsblur.com.crt > %s/newsblur.pem' % (cert_path, cert_path))
run('echo "\n" >> %s/newsblur.pem' % (cert_path))
run('cat %s/newsblur.com.key >> %s/newsblur.pem' % (cert_path, cert_path))
def setup_certbot():
sudo('add-apt-repository -y universe')
sudo('add-apt-repository -y ppa:certbot/certbot')
sudo('apt-get update')
sudo('apt-get install -y certbot')
sudo('apt-get install -y python3-certbot-dns-dnsimple')
run('echo "dns_dnsimple_token = %s" > dnsimple.ini')
run('chmod 0400 dnsimple.ini')
sudo('certbot certonly -n --agree-tos --email samuel@newsblur.com --domains "*.newsblur.com" --dns-dnsimple --dns-dnsimple-credentials %s' % (settings.DNSIMPLE_TOKEN))
run('rm dnsimple.ini')
@parallel
def maintenance_on():
role = role_for_host()

4
settings.py
View file

@ -51,6 +51,10 @@ NEWSBLUR_URL = 'http://www.newsblur.com'
IMAGES_URL = 'https://imageproxy.newsblur.com'
SECRET_KEY = 'YOUR_SECRET_KEY'
IMAGES_SECRET_KEY = "YOUR_SECRET_IMAGE_KEY"
DNSIMPLE_TOKEN = "YOUR_DNSIMPLE_TOKEN"
RECAPTCHA_SECRET_KEY = "YOUR_RECAPTCHA_KEY"
YOUTUBE_API_KEY = "YOUR_YOUTUBE_API_KEY"
IMAGES_SECRET_KEY = "YOUR_IMAGES_SECRET_KEY"
# ===================
# = Global Settings =

2
utils/monitor_disk_usage.py
View file

@ -20,7 +20,7 @@ def main():
requests.post(
"https://api.mailgun.net/v2/%s/messages" % settings.MAILGUN_SERVER_NAME,
auth=("api", settings.MAILGUN_ACCESS_KEY),
data={"from": "NewsBlur Monitor: %s <%s>" % (hostname, hostname, admin_email),
data={"from": "NewsBlur Monitor: %s <%s>" % (hostname, admin_email),
"to": [admin_email],
"subject": "%s hit %s%% disk usage!" % (hostname, percent),
"text": "Usage on %s: %s" % (hostname, output)})