gitea/HIS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

turning https
All checks were successful
Build and Deploy Angular App HIS / build (push) Successful in 44s
Details
Build and Deploy Angular App HIS / deploy (push) Successful in 54s
Details

Browse Source
This commit is contained in:
m.imanpour
2025-12-10 01:38:10 +03:30
parent 08c693bede
commit c4a832897b
3 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docker-compose.yml
View File

@@ -6,7 +6,7 @@ services:
expose: expose:
- "80" - "80"
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:80"] # Use curl (now installed) for reliable check; -f fails on non-200 test: ["CMD", "curl", "-f", "http://localhost:80"]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
@@ -19,16 +19,14 @@ services:
container_name: hospital-nginx container_name: hospital-nginx
restart: unless-stopped restart: unless-stopped
ports: ports:
- 4200:80 - 4200:443 # HTTPS on host port 4200 (access via https://hospital.networkwizard.xyz:4200)
# Optional: Add for HTTPS - "4201:443" (or standard 443 if you change ports)
environment: environment:
- CERTBOT_EMAIL=test@test.com - CERTBOT_EMAIL=test@test.com
- ENVSUBST_TEMPLATE_SUFFIX=.tmpl - ENVSUBST_TEMPLATE_SUFFIX=.tmpl
- CERTBOT_DISABLED=true # Set to false to enable auto-SSL (requires domain pointing to port 80) - CERTBOT_DISABLED=true
volumes: volumes:
- ./nginx_user_conf.d:/etc/nginx/user_conf.d:ro - ./nginx_user_conf.d:/etc/nginx/user_conf.d:ro
- letsencrypt:/etc/letsencrypt - letsencrypt:/etc/letsencrypt
# Adjust these cert paths to your server's actual location
- /home/devroot/HIS/certs/fullchain.pem:/etc/nginx/ssl/origin_cert.pem:ro - /home/devroot/HIS/certs/fullchain.pem:/etc/nginx/ssl/origin_cert.pem:ro
- /home/devroot/HIS/certs/prvkey.pem:/etc/nginx/ssl/origin_key.key:ro - /home/devroot/HIS/certs/prvkey.pem:/etc/nginx/ssl/origin_key.key:ro
depends_on: depends_on:

5
nginx.conf
View File

@@ -21,3 +21,8 @@ server {
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
} }
server {
listen 80;
server_name hospital.networkwizard.xyz;
return 301 https://$host$request_uri;
}

13
nginx_user_conf.d/hospital.conf
View File

@@ -1,7 +1,18 @@
server { server {
listen 80; listen 443 ssl;
server_name hospital.networkwizard.xyz; server_name hospital.networkwizard.xyz;
# Reference your mounted custom certs
ssl_certificate /etc/nginx/ssl/origin_cert.pem;
ssl_certificate_key /etc/nginx/ssl/origin_key.key;
# Recommended SSL settings for security
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / { location / {
proxy_pass http://hospital-app:80; proxy_pass http://hospital-app:80;
proxy_set_header Host $host; proxy_set_header Host $host;