commit 51bce75a8970cfd2dfe1b06e934d7fa8e23cbf4e Author: ddadmin Date: Fri Sep 12 16:17:41 2025 +0300 Initial commit diff --git a/.env b/.env new file mode 100644 index 0000000..419cfa8 --- /dev/null +++ b/.env @@ -0,0 +1,21 @@ +1COMPOSE_PROJECT_NAME=tqo +NETWORK=tqo + +FRONT_TAG=139.1 +DOTDOT_TAG=139.1 +LMS_TAG=DD-4042-STORY +ADMIN_TAG=master +LANDING_TAG=master +CABINET_TAG=DD-4159 + +MYSQL_PORT=0.0.0.0:33064 +MYSQL_ROOT_PASSWORD=seeFiethae8enga6ohNi +MYSQL_DATABASE=dot +MYSQL_USER=dot +MYSQL_PASSWORD=seeFiethae8enga6ohNi + +RABBITMQ_USERNAME=ddadmin +RABBITMQ_PASSWORD=Utahth9aeshahgh3saik + +REDIS_USERNAME=ddadmin +REDIS_PASSWORD=Utahth9aeshahgh3saik diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5f2fcc7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +backups/* diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/app.sh b/app.sh new file mode 100755 index 0000000..86c2dea --- /dev/null +++ b/app.sh @@ -0,0 +1,177 @@ +DIRECTORY=`dirname $0` + +MYSQL_ROOT_PASSWORD=$(grep MYSQL_ROOT_PASSWORD $DIRECTORY"/.env" | xargs) +MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD#*=} + +help() { + echo "run $0 [COMMAND] " + echo ' + "init" - run init flow + "up" - up -d all services + "down" - down all services without volumes + "composer" - run composer ${@:2} + "psalm" - run composer analyse + "php-fixer" - run composer cs + "deptrac" - run composer deptrac + "tests" - run composer tests + "console" - run docker compose exec php ./bin/console ${@:2} + "db" - run mysql shell + "db-create" - crate database + "backup-dev" - + "backup-create" - + "backup-exec" - + "restore-dev" - + "purge-db" - purge database + "restore-db" - restore database from s3 backup + "front" - exec front container + +' +} + +log() { + RED='\e[31m' + GREEN='\e[32m' + + case $2 in + info) + printf "${GREEN}${1}\e[0m\n" + ;; + error) + printf "${RED}${1}\e[0m\n" + ;; + *) + printf "${1}" + ;; + esac +} + +## restore last backup from s3 storage +restoredb() { + log "run restore database" + sudo rclone copy --verbose selectel:backup_db/dot/dot.$(date +%a).sql.gz backups/ + zcat backups/dot.$(date +%a).sql.gz | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot +} + +checkDockerCompose() { + if ! [ -f "docker-compose.yml" ]; then + log "docker-compose.yml not exist. Run init command" "error" + exit + fi +} + +init() { + dumpfile=$(ls backups/ | sort | tail -1) + if ! [ -f backups/${dumpfile} ]; then + log "put dot.sql to backups directory" "error" + exit + fi + + if ! [ -f ".env" ]; then + log ".env not exist. Run init command" "error" + exit + fi + + up + + docker compose exec php composer install +# docker compose exec front npm i + +# docker compose exec front npm run build + + if ! docker compose exec db mysql -uroot -proot -e "show databases" | grep "dot "; then + createDatabase "dot" + execBackup "dot" ${dumpfile} + fi +} + +up() { + checkDockerCompose + docker compose up -d +} + +down() { + checkDockerCompose + docker compose down +} + +createDatabase() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database $1" + log "create database $1" "info" +} + +createBackup() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} $1 > backups/$2.sql +} + +createBackupWithExceptions() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --ignore-table=dot.ml_calculator_log dot > backups/dot_develop.sql + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --no-data dot ml_calculator_log >> backups/dot_develop.sql +} + +execBackup() { + zcat backups/$2 | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} $1 + log "exec $2.sql backup" "info" +} + +execDevBackup() { + docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot < backups/dot_develop.sql + log "exec dot_develop.sql backup" "info" +} + +purgeDb() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "drop database dot" + log "dropped database dot" "info" + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database dot" + log "created database dot" "info" +} + +composer() { + docker compose exec php php -d memory_limit=-1 /usr/local/bin/composer ${@:1} +} + +case "$1" in + "help") + help;; + "init") + init;; + "up") + up;; + "down") + down;; + "composer"*) + composer ${@:2};; + "psalm"*) + composer analyse;; + "php-fixer") + composer cs;; + "deptrac") + composer deptrac;; + "tests") + composer tests;; + "console"*) + docker compose exec php ./bin/console ${@:2};; + "db") + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD};; + "db-create") + createDatabase $2;; + "backup-dev"*) + createBackupWithExceptions $2;; + "backup-create"*) + createBackup $2 $3;; + "backup-exec"*) + execBackup $2 $3;; + "restore-dev"*) + execDevBackup;; + "purge-db"*) + purgeDb;; + "restore-db") + restoredb;; + "front"*) + case $2 in + *) + docker compose exec nuxt ${@:2};; + esac;; + *) + help + #docker compose exec php ./bin/console ${@:1};; +esac diff --git a/configs/admin/.env b/configs/admin/.env new file mode 100644 index 0000000..56102e4 --- /dev/null +++ b/configs/admin/.env @@ -0,0 +1,80 @@ +APP_NAME="DOT-DOT admin" +APP_ENV=production +APP_KEY=base64:IsI2/a6+WLRl5owxc1i5F+bbOZi7DjaS0IMEoxg14c0= +APP_DEBUG=true +APP_TIMEZONE=UTC +APP_URL=https://tqoadmin.spottorg.ru +FRONTEND_URL=https://tqoadmin.spottorg.ru +ASSET_URL=https://tqoadmin.spottorg.ru +APP_EMAIL_DOMAIN="tqo.spottorg.ru" + +APP_LOCALE=ru +APP_FALLBACK_LOCALE=ru +APP_FAKER_LOCALE=ru_RU + +APP_MAINTENANCE_DRIVER=file +# APP_MAINTENANCE_STORE=database + +BCRYPT_ROUNDS=12 + +LOG_CHANNEL=stack +LOG_STACK=single +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DEFAULT_DB_CONNECTION=dashboard + +#Параметры подключения к базе панели управления + +DASHBOARD_DB_HOST=db +DASHBOARD_DB_PORT=3306 +DASHBOARD_DB_DATABASE=dashboard +DASHBOARD_DB_USERNAME=root +DASHBOARD_DB_PASSWORD=seeFiethae8enga6ohNi + +#Параметры подключения к базе dot-dot + +DOT_DOT_DB_HOST=db +DOT_DOT_DB_PORT=3306 +DOT_DOT_DB_DATABASE=dot +DOT_DOT_DB_USERNAME=dot +DOT_DOT_DB_PASSWORD=seeFiethae8enga6ohNi + +SESSION_DRIVER=database +SESSION_LIFETIME=120 +SESSION_ENCRYPT=false +SESSION_PATH=/ +SESSION_DOMAIN=null + +BROADCAST_CONNECTION=log +FILESYSTEM_DISK=local +QUEUE_CONNECTION=database + +CACHE_STORE=database +CACHE_PREFIX= + +MEMCACHED_HOST=127.0.0.1 + +REDIS_CLIENT=phpredis +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +MAIL_MAILER=log +MAIL_HOST=127.0.0.1 +MAIL_PORT=2525 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false + +VITE_APP_NAME="${APP_NAME}" + +DOT_DOT_HOST=https://tqolms.spottorg.ru diff --git a/configs/admin/default b/configs/admin/default new file mode 100644 index 0000000..5061e0a --- /dev/null +++ b/configs/admin/default @@ -0,0 +1,25 @@ +server { + server_name tqoadmin.spottorg.ru; + listen 443 ssl; + + ssl_certificate /etc/letsencrypt/live/spottorg.ru/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/spottorg.ru/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/spottorg.ru/chain.pem; + + + index index.php index.html index.htm; + root /application/public; + + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; + fastcgi_pass localhost:9000; + try_files $uri =404; + fastcgi_index index.php; + } +} diff --git a/configs/cabinet/.env b/configs/cabinet/.env new file mode 100755 index 0000000..66e3ba4 --- /dev/null +++ b/configs/cabinet/.env @@ -0,0 +1,13 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=tqo.spottorg.ru +API_URL=https://tqolms.spottorg.ru/ +DOMAIN=tqo.spottorg.ru + +APP_HOST=tqolms.spottorg.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=50156956 diff --git a/configs/cabinet/entrypoint.sh b/configs/cabinet/entrypoint.sh new file mode 100755 index 0000000..386bc9e --- /dev/null +++ b/configs/cabinet/entrypoint.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +DOMAIN="${DOMAIN:-lmscabinet.dot-dot.ru}" + +for x in $(grep -lrw "lmscabinet.dot-dot.ru" .nuxt/);do + echo "replace lmscabinet.dot-dot.ru to https://${DOMAIN} in $x" + sed -i "s|lmscabinet.dot-dot.ru|${DOMAIN}|g" $x; +done + +for x in $(grep -lrw "https://dot-dot.ru/" .nuxt/);do + echo "replace https://dot-dot.ru to ${API_URL} in $x"; + sed -i "s|https://dot-dot.ru/|${API_URL}|g" $x; +done + +"$@" diff --git a/configs/centrifugo/config.json b/configs/centrifugo/config.json new file mode 100644 index 0000000..52d19d7 --- /dev/null +++ b/configs/centrifugo/config.json @@ -0,0 +1,10 @@ +{ + "token_hmac_secret_key": "6085d43b-f55b-4387-9dff-3c9abf385dc8", + "admin_password": "bc24acd1-b885-4108-b3cf-971dffca6934", + "admin_secret": "ca0a7656-f589-42e6-9e49-98dd3c5beb46", + "api_key": "aa7443fb-e623-4363-91ac-ef25908b1403", + "admin": true, + "allowed_origins": ["https://tqolms.spottorg.ru", "https://tqo.spottorg.ru"], + "allow_subscribe_for_client": true, + "allow_user_limited_channels": true +} diff --git a/configs/landing/config.php b/configs/landing/config.php new file mode 100644 index 0000000..818db29 --- /dev/null +++ b/configs/landing/config.php @@ -0,0 +1,22 @@ + 'ssl://smtp.mail.ru', + 'smtp_port' => 465, + 'smtp_user' => 'no_reply@dot-dot.ru', + 'smtp_pass' => 'NRTk7rXhesHQpi3YWB92', + + 'subject' => 'Заявка Спотторг', + + 'sender' => [ + 'email' => 'no_reply@dot-dot.ru', + 'name' => 'Спотторг' + ], + + 'recipients' => [ // Получателей может быть несколько + 0 => [ + 'email' => 'rzaharov@tqo.spottorg.ru', + 'name' => 'Менеджер' + ] + ], +]; diff --git a/configs/lms/.env b/configs/lms/.env new file mode 100755 index 0000000..9a2320d --- /dev/null +++ b/configs/lms/.env @@ -0,0 +1,13 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=https://tqolms.spottorg.ru/ +API_URL=https://tqolms.spottorg.ru/ +DOMAIN=tqolms.spottorg.ru + +APP_HOST=tqolms.spottorg.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=5015695 diff --git a/configs/lms/entrypoint.sh b/configs/lms/entrypoint.sh new file mode 100755 index 0000000..9555071 --- /dev/null +++ b/configs/lms/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh -x + +DOMAIN="${DOMAIN:-lms.dot-dot.ru}" + +for x in $(grep -lrw "lms.dot-dot.ru" .nuxt/);do + echo "replace lms.dot-dot.ru to https://${DOMAIN} in $x" + sed -i -e "s/lms.dot-dot.ru/${DOMAIN}/g" $x; +done + +"$@" diff --git a/configs/nginx/conf.d/admin.conf b/configs/nginx/conf.d/admin.conf new file mode 100644 index 0000000..1307118 --- /dev/null +++ b/configs/nginx/conf.d/admin.conf @@ -0,0 +1,30 @@ +server { + listen 80; + server_name tqoadmin.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name tqoadmin.spottorg.ru; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + client_max_body_size 10m; + + access_log /var/log/nginx/tqoadmin.spottorg.ru_access.log json; + error_log /var/log/nginx/tqoadmin.spottorg.ru_error.log; + + location / { + proxy_pass https://admin:443; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } +} diff --git a/configs/nginx/conf.d/cabinet.conf b/configs/nginx/conf.d/cabinet.conf new file mode 100644 index 0000000..dc01a9c --- /dev/null +++ b/configs/nginx/conf.d/cabinet.conf @@ -0,0 +1,126 @@ +server { + listen 443 ssl ; + server_name tqo.spottorg.ru; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + client_max_body_size 10m; + + root /application/public; + + location / { + proxy_pass http://cabinet:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; + } + + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + # location /storybook { + # alias /application/nuxt/storybook-static; + # } + + location /logout { + try_files $uri @rewriteapp; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location /robots.txt { + proxy_pass http://static; + } + + location /connection/websocket { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://centrifugo; + } + + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass backend:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} diff --git a/configs/nginx/conf.d/demo.conf b/configs/nginx/conf.d/demo.conf new file mode 100755 index 0000000..4d56ad3 --- /dev/null +++ b/configs/nginx/conf.d/demo.conf @@ -0,0 +1,135 @@ +server { + listen 80; + server_name lmstqo.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name lmstqo.spottorg.ru; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + root /application/public; + + client_max_body_size 30m; + + + location / { + proxy_pass http://lms:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; + } + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + # location /storybook { + # alias /application/nuxt/storybook-static; + # } + + location /logout { + try_files $uri @rewriteapp; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location /css { + proxy_pass http://static; + } + + location /robots.txt { + proxy_pass http://static; + } + + location /connection/websocket { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://centrifugo; + } + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass backend:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} diff --git a/configs/nginx/conf.d/demows.conf b/configs/nginx/conf.d/demows.conf new file mode 100644 index 0000000..f86e5b8 --- /dev/null +++ b/configs/nginx/conf.d/demows.conf @@ -0,0 +1,44 @@ +server { + listen 80; + server_name wstqo.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +upstream centrifugo { + server centrifugo:8000; +} + +server { + listen 443 ssl; + server_name wstqo.spottorg.ru; + + access_log /var/log/nginx/wstqo.spottorg.ru_access.log json; + error_log /var/log/nginx/wstqo.spottorg.ru_error.log; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + location / { + proxy_pass_header Server; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass http://centrifugo; + } + location /socket { + proxy_buffering off; + proxy_set_header X-Real-IP $remote_addr; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://centrifugo; + } + location /connection { + proxy_buffering off; + proxy_set_header X-Real-IP $remote_addr; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://centrifugo; + } +} diff --git a/configs/nginx/conf.d/landing.conf b/configs/nginx/conf.d/landing.conf new file mode 100644 index 0000000..9587339 --- /dev/null +++ b/configs/nginx/conf.d/landing.conf @@ -0,0 +1,30 @@ +server { + listen 80; + server_name landingtqo.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name landingtqo.spottorg.ru; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + client_max_body_size 10m; + + access_log /var/log/nginx/landingtqo.spottorg.ru_access.log json; + error_log /var/log/nginx/landingtqo.spottorg.ru_error.log; + + location / { + proxy_pass http://landing:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } +} diff --git a/configs/nginx/conf.d/lms.conf b/configs/nginx/conf.d/lms.conf new file mode 100755 index 0000000..fe7a036 --- /dev/null +++ b/configs/nginx/conf.d/lms.conf @@ -0,0 +1,138 @@ +server { + listen 80; + server_name tqolms.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name tqolms.spottorg.ru; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + access_log /var/log/nginx/tqolms.spottorg.ru_access.log json; + error_log /var/log/nginx/tqolms.spottorg.ru_error.log; + + root /application/public; + + + client_max_body_size 30m; + + location / { + proxy_pass http://lms:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; + } + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + # location /storybook { + # alias /application/nuxt/storybook-static; + # } + + location /logout { + try_files $uri @rewriteapp; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location /connection/websocket { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://centrifugo; + } + + location /robots.txt { + root /etc/nginx/other/demo.dot-dot.ru; + } + + location /css { + proxy_pass http://static; + } + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + #add_header 'Access-Control-Allow-Origin' $http_origin; + #add_header 'Access-Control-Allow-Origin' *; + #add_header 'Access-Control-Allow-Credentials' 'true'; + #add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + #add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass backend:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} diff --git a/configs/nginx/conf.d/rabbitmq.conf b/configs/nginx/conf.d/rabbitmq.conf new file mode 100755 index 0000000..6b7c6d6 --- /dev/null +++ b/configs/nginx/conf.d/rabbitmq.conf @@ -0,0 +1,48 @@ +server { + listen 80; + server_name rabbitmqtqo.spottorg.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name rabbitmqtqo.spottorg.ru; + + access_log /var/log/nginx/rabbitmqlmstqo.spottorg.ru_access.log json; + error_log /var/log/nginx/rabbitmqlmstqo.spottorg.ru_error.log; + + ssl_certificate /etc/nginx/ssl/spottorg.crt; + ssl_certificate_key /etc/nginx/ssl/spottorg.key; + + proxy_buffer_size 128k; + proxy_buffers 4 128k; + client_body_buffer_size 32k; + client_header_buffer_size 256k; + large_client_header_buffers 4 256k; + + location / { + client_max_body_size 600m; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://rabbitmq:15672; + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; + } + + location /metrics { + client_max_body_size 600m; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://rabbitmq:15692/metrics; + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; + } +} \ No newline at end of file diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf new file mode 100755 index 0000000..9f79d49 --- /dev/null +++ b/configs/nginx/nginx.conf @@ -0,0 +1,64 @@ +user nginx; +worker_processes 16; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 10240; + use epoll; + multi_accept on; +} +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + log_format upstream_time '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" rt=$request_time uct=$upstream_connect_time uht=$upstream_header_time urt=$upstream_response_time "$http_user_agent"'; + + log_format json escape=json '{' + '"time":"$time_iso8601",' + '"proxy_protocol_addr":"$proxy_protocol_addr",' + '"remote_addr":"$remote_addr",' + '"x-forward-for":"$proxy_add_x_forwarded_for",' + '"request_id":"$request_id",' + '"request":"$request",' + '"remote_user":"$remote_user",' + '"bytes_sent":"$bytes_sent",' + '"body_bytes_sent":"$body_bytes_sent",' + '"request_time":"$request_time",' + '"status":"$status",' + '"vhost":"$host",' + '"request_proto":"$server_protocol",' + '"path":"$uri",' + '"request_query":"$args",' + '"request_length":"$request_length",' + '"method":"$request_method",' + '"http_referrer":"$http_referer",' + '"http_user_agent":"$http_user_agent",' + '"upstream_addr":"$upstream_addr",' + '"upstream_latency":"$upstream_response_time",' + '"upstream_status":"$upstream_status",' + '"upstream_response_time":"$upstream_response_time",' + '"upstream_connect_time":"$upstream_connect_time",' + '"upstream_header_time":"$upstream_header_time",' + '"upstream_bytes_received":"$upstream_bytes_received",' + '"upstream_bytes_sent":"$upstream_bytes_sent",' + '"tls":"$ssl_protocol/$ssl_cipher"' + '}'; + + access_log /var/log/nginx/access.log json; + + server_tokens off; + charset UTF-8; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_requests 1000; + keepalive_timeout 65; + #gzip on; + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + resolver 127.0.0.11 ipv6=off valid=1s; + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/configs/nginx/ssl/dot2023.crt b/configs/nginx/ssl/dot2023.crt new file mode 100755 index 0000000..6dac8f0 --- /dev/null +++ b/configs/nginx/ssl/dot2023.crt @@ -0,0 +1,89 @@ +-----BEGIN CERTIFICATE----- +MIIHQTCCBimgAwIBAgIMYVwKHoDdXb8WTFQpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB +bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEc0MB4XDTIzMDgwMjE0MTYxN1oXDTI0MDkw +MjE0MTYxNlowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCV +dDp4+ffuBFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9Cq +VVT1F3s+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4Nex +VqHnL4ClHvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZ +yebOxix+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ON +hUo3nNd8zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR +2CCzy9maj4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7Or +ikVdMcDb68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEe +hdTSpoASD/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt +/GmjwJlFCWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5A +bRb6YRW+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivz +jxcCAwEAAaOCA1YwggNSMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYw +gYMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj +ZXJ0L2FscGhhc3NsY2FzaGEyNTZnNC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9v +Y3NwLmdsb2JhbHNpZ24uY29tL2FscGhhc3NsY2FzaGEyNTZnNDBXBgNVHSAEUDBO +MAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v +d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwQQYDVR0f +BDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9hbHBoYXNzbGNh +c2hhMjU2ZzQuY3JsMCMGA1UdEQQcMBqCDCouZG90LWRvdC5ydYIKZG90LWRvdC5y +dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUT8us +qMLvq92Db2u/zpg9XFgldhUwHQYDVR0OBBYEFIt9yZp7jkyW2E7F5+NDJJmTMtN/ +MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModG +fLzs3sNRSFlGcR+1mwAAAYm2m1GuAAAEAwBHMEUCIQDVSAsUx+m51oyOz+83SGL2 +JpUGiUKiXgInZsWbG25VygIgLF23BEmAoRV+PFPclVuHrztd4lQecA+32tvUZ3xf +OWQAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYm2m07AAAAE +AwBGMEQCIE14pWcPqQC25z/q0FR5PaU+xIilbLwXvYm1UvJSajPDAiBEYH/fq9iP +pnK9z+7aLua2mh6uF2RMHRtcE/nbsr2tcQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7 +UYSFNL2kPTBI1/urAAABibabTscAAAQDAEcwRQIgQlo7NdtTa6cyiAKdsfozkLMQ +wt+D4WZCcdzk9GYul74CIQCa7MvbM4pP0jSLN6MYWPEAt0hXiDzHKihtVt0ChW0R +qDANBgkqhkiG9w0BAQsFAAOCAQEAB338wY8/u9tawPiCdr6dD10SO9+mQNCv83xI +Qa7IQ/33VQUMQ6qCMYTLZqu7c/e1x587UG7TLf0I3awEfBbLeMkTJKEooCK9VG3O +nfWD/lTwvr13lEpKuEEx643eqirxJEv3bQTHpQBn1Pkm9Svw/LJWi/bUKg0VNjYs +jQrZYH0q3jzx3dV3S5hUCjGL6d0tflD5w5YHWWMaEuVsn7yYovAROKnYOWuVisPJ +YRA6cADR39usU1CyLTSb50PHUOosnp+YqZCzVkU2Z/gPLyXjiRKU6wou8baSoDHu +KoxoGK4YfjizRTAdEexD+LHh0s1Ev6gr9OetJWPjbhghNGPIbw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw +MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i +YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT +aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ +jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp +xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp +1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG +snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ +U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 +9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B +AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz +yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE +38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP +AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad +DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME +HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEijCCA3KgAwIBAgIQfU1CqStDHX5kU+fBmo1YdzANBgkqhkiG9w0BAQsFADBX +MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE +CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIyMTAx +MjAzNDk0M1oXDTI3MTAxMjAwMDAwMFowTDELMAkGA1UEBhMCQkUxGTAXBgNVBAoT +EEdsb2JhbFNpZ24gbnYtc2ExIjAgBgNVBAMTGUFscGhhU1NMIENBIC0gU0hBMjU2 +IC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJCmVZhWIPzOH +A3jP1QwkuDFT8/+DImyZlSt85UpZwq7G0Sqd+n8gLlHIZypQkad5VkT7OLU+MI78 +lC7LVwxpU19ExlaWL67ANyWG8XHx3AJFQoZhuDbvUeNzRQyQs6XS5wN6uDlF0Bf1 +AtCUQWrGGLGYwyC1xTrzgrFKpESsIXMqklUGTsh8i7DKZhRUVfgrPLJUkbbLUrLY +42+KRCiwfSvBloC5PgDYnj3oMZ1aTe3Wfk3l1I4D3RKaJ4PU1qHXhHJOge2bjGIG +l6MsaBN+BB2sr6EnxX0xnMIbew2oIfOFoLqs47vh/GH4JN0qql2WBHfDPVDm3b+G +QxY6N/LXAgMBAAGjggFbMIIBVzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI +KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE +FE/LrKjC76vdg29rv86YPVxYJXYVMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTN +NKj//P1LMHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au +Z2xvYmFsc2lnbi5jb20vcm9vdHIxMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl +Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIxLmNydDAzBgNVHR8ELDAqMCig +JqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMCEGA1UdIAQa +MBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggEBABol +9nNkiECpWQenQ7oVP1FhvRX/LWTdzXpdMmp/SELnEJhoOe+366E0dt8tWGg+ezAc +DPeGYPmp83nAVLeDpji7Nqu8ldB8+G/B6U9GB8i2DDIAqSsFEvcMbWb5gZ2/DmRN +cifGi9FKAuFu2wyft4s4DHwzL2CJ2zjMlUOM3RaE1cxuOs+Om6MCD9G7vnkAtSiC +/OOfHO902f4yI2a48K+gKaAf3lISFXjd32pwQ21LpM3ueIGydaJ+1/z8nv+C7SUT +5bHoz7cYU27LUvh1n2WSNnC6/QwFSoP6gNKa4POO/oO13xjhrLRHJ/04cKMbRALt +JWQkPacJ8SJVhB2R7BI= +-----END CERTIFICATE----- diff --git a/configs/nginx/ssl/dot2023.key b/configs/nginx/ssl/dot2023.key new file mode 100755 index 0000000..a9c3884 --- /dev/null +++ b/configs/nginx/ssl/dot2023.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCVdDp4+ffu +BFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9CqVVT1F3s+ +YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4NexVqHnL4Cl +HvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZyebOxix+ +4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ONhUo3nNd8 +zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR2CCzy9ma +j4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7OrikVdMcDb +68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEehdTSpoAS +D/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt/GmjwJlF +CWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5AbRb6YRW+ +wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivzjxcCAwEA +AQKCAgEAri0Pi8KOI348uW9ZnPzuwT7hXvy3IZs1Uzo5hqPu1XqtOEm+8RRbhUC0 +azuumYMfAKDhGxzlAy3JqgJQrrnSEfLFFPFifbEjjY1bIckK82K75SPSn+m2lEro +QvGpH1iE4krKt6geX/ZVX29a9vAqLbXrdUQavDFJtXAJq3R8IgLMWUT2OE1utyD5 +FoNmFfz5N7x8daMdtvUBMagwxqYU4iKn2/IRH7tpPm3dACxdW78fMYrkJy32D8Ld +3uBjJXOl7/9iFc+GsSbhD9utyw+YYRTBVTfVf1cpvdeIF1eHPIGQvxTkctV7Hfhu +F4NsL3aH9gh2Rdc9pjtJ2RxfX70DZUJ+mDguAwkVDeLlrxUqanqRAUew9mw4yqFd +Jni5MeSU6+1aSA6rDlCMsXdpaIfozcj9UHfvs8aNTLV0iHs6QG0NVOJhm/DtzPfb +SFQhtJ93CPeuWqdNylFiq0mdhHv09RWiSXOwDZbRmZGdfR8KVEg91LBLw9v+F51L +ewSFZMH6akr+6H6D1kjLumAQsUF6nEsPpVoRZHzvlpUVUKV7q+BI1N/Fqlncw9I+ +9IysFimQbfx9itFlzNfMYOQ1pfP51nuiCflojlOJUP4n3YnzdJA37AwXSZYndyiW +PsX5CWYEOn+IW8TnS9ZoGT1YfsOnNx0oDW6RTu+5m7LjNvnu8jECggEBAO3onsfT +oU/E8AAFf3FVNrGI4GuUWu9Nl1+vClMFRpyOeiSafVvodXg6fgckhOr8KQlfwB1r +QBXz/zkUKV3lWGuONx4z9NAlUB5Nvb3uHof6nWgE4ZZ74CjXR3IZM9WlbcOxB4YV +KjBT+IgvbKv7UdbKGpFq/wZWT1t8MwbjcDcwLSvxXcZOF/VQB7EJftht24Z5Mqfn +B8u2Z6afS2VlX3GbVg8ymsT+ohrKZSsIScrD/c52rDUkiIYldLSljRBaRCxlXwBx +kUMNQvYMtRSv/b22cSAZDXV8vN8gby7XZMM6f3UKYF9BCbxbJvpwbGOsBqrsWySo +JwiayvBMw8kNn9sCggEBAN93KqwxIKplr8yaLc9vFqXR/dLIJkK2YvaYTK9NjGVb +4U5Z18K+Yv57dy7M7sDay61uHG52YEpbiyALD+XaVcWpYBNOvuNiu35Oa4WOdV7N +4yU5+DcjhgJySeiQ64NW8s88yD6pmHzFxXYgKkLkkr2EqaL+yvCYVCs1o5bV0boo +2Y8n8UxjgLSxVWHWALW38IfbI1nkK/IabWO1hl1m8pdXaPZax68NIp3R8YFyWHep +JiJryUAtSbo3QLdXM90OFPLtiSY1faHcvzb7FZ6ux8RKbbXAIkNTcjnf66AQhVNp +jykYRcALX+r+Xj6RLPypwniGDqlhao1dlw2s+VokgHUCggEBALTj2EaLrO1gCjOZ ++oqLhih6sFhb1sB5OI1yI+F383Z6BnjqVkKZfyfJIaYAqGebDwCnowU7VODcQsR9 +he50wUQWP+ZhDtVsaXyBE7Hj6abucNx0SaoHyiqDdTlV3EmnnMvcQKI8WXWhgyjZ +FkG1t0YfKRBEUF/bJD+lMY8dQ2dS5CWzQd/T5PeKwC5lz+JztSSL5m4vhYfoyuqv +173i1C0nNModafw6t7qzBTUw+hqH5uUi6lEF1CBbPl9UOOukFo3DDfbiYtaesLkw +dEakgcPLgjwrkEYyb9Efciolb+HZCqxNFXWXl/V1QS/OZztpwzAWwj4e9H7gY0lO +tNab210CggEAJtLTTRsz66bDBi77KoDIVILJMGepjgmV4/XNzN8SN0HhQPWG8MSW ++lOE/1KHYGYi4Lyyn9ZdIE4LO8PwPSTTpgWpNXGG5IZwwJ7rO0bmyVPH1N3fa+T2 +EVK92HPlFupyQOL0fz6DyZmqlr072mdPvzFfL3xI0cgFR4SIKVp4l3klYyOzXmwj +HkF47gh6Exgj59aAq8tifytsOdh9wZhzKSv8hmB7NMR5cSXaaXzuNcvjXjOPwWCc +4Idc7P1ve0ZJCXOPUl4Ut5xcdDbnKKyA9G9h5CO/UCcdP0TR8PstzrIWNzOKWrUf +MvqCcShTwonTyZCw12ifVHQgHDYjFDAnSQKCAQAqlEkgCuA9ObOsj7W4KM/OjWd/ +wK8EC9oESdBOl9fn/pAktyh73GYYsIqwaHFRDcTLr74ULdqx+4vsOvCXl0wMMFOq +iAZdba8CYtjFVDudJf3oJceSHiITocJqo4H4zOxeL0K1ssoX5caN5kYzYufCfKKH +dGEPWnI+l3akR1kqHL6Xoq0YluPGh6PhkV2X6tuUf4G5K1NEdT4+KE1IeJqFviLd +mOE5sErWyUrQotsI2n14gsdONOwS0FkElGlEZgCPu2uiXhrYeUf+R4r/V3MNtwVl +aFk8InJnkfr7XitOv/Q+eJThwhnnNCrefLj/x9vAHUrNvRf+NpKr1xSDk9fk +-----END RSA PRIVATE KEY----- diff --git a/configs/nginx/ssl/dot2024.crt b/configs/nginx/ssl/dot2024.crt new file mode 100755 index 0000000..c3da3d4 --- /dev/null +++ b/configs/nginx/ssl/dot2024.crt @@ -0,0 +1,107 @@ +-----BEGIN CERTIFICATE----- +MIIHVjCCBj6gAwIBAgIMUR4H/7XMBL9Q9JAXMA0GCSqGSIb3DQEBCwUAMFUxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSswKQYDVQQDEyJH +bG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAyMDIzMB4XDTI0MDgxNDA0MjQz +MVoXDTI1MDkxNTA0MjQzMFowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPle +RZg0Egj+gqyiGa/RXjpWm0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZ +UW4lMYiEwF9jSXINlfuzgKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wq +EEE6YC09OjFRbErlF1jAFL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897 +zrUwbF7aYTGwKotk6w11L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9Zr +nJl0x+3/4XSS7ogcInUdFopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy1 +6WTDLdIsCNzZpiRvbPxbxvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2 +/wifmes9OlfoAV/QlrpehpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIi +LfpzmlqCC9EXrK0GWTl/K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6 +dtLhP3LjN+lvR7BNKTCNhafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9t +oiSch6x4O/aLyFY3aO4/GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+u +wd7w3gTvSLWR3DcCAwEAAaOCA2IwggNeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB +Af8EAjAAMIGZBggrBgEFBQcBAQSBjDCBiTBJBggrBgEFBQcwAoY9aHR0cDovL3Nl +Y3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3NnY2NyNmFscGhhc3NsY2EyMDIz +LmNydDA8BggrBgEFBQcwAYYwaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nn +Y2NyNmFscGhhc3NsY2EyMDIzMFcGA1UdIARQME4wCAYGZ4EMAQIBMEIGCisGAQQB +oDIKAQMwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v +cmVwb3NpdG9yeS8wRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5nbG9iYWxz +aWduLmNvbS9nc2djY3I2YWxwaGFzc2xjYTIwMjMuY3JsMCMGA1UdEQQcMBqCDCou +ZG90LWRvdC5ydYIKZG90LWRvdC5ydTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwHwYDVR0jBBgwFoAUvQW384qTPHPLefoPhRKhd5YYkXQwHQYDVR0OBBYE +FEFaB0lwsh68jY4d3zGJ8RSUenjoMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA +dQCvGBoo1oyj4KmKTJxnqwn4u7wiuq68sTijoZ3T+bYDDQAAAZFPIWD2AAAEAwBG +MEQCIBr9tqm+1D7C4ecXmA7ne6gHVeLgGOFf3jjnYdz80JWhAiASjtZlH8rYzLwF +3AX/Cfo+7KfRG+mbk2FY9OKJuu7bWgB1ABLxTjS9U3JMhAYZw48/ehP457Vih4ic +bTAFhOvlhiY6AAABkU8hYO0AAAQDAEYwRAIgSFiFncqd8KmZrv8brFZAaKzbCjR1 +GU5ygJCv2K9xWnsCIFuwzf8leBa2eSKvSY7MCUgxXgRFl7rYjPjc6Foap0hyAHcA +DeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGRTyFhEgAABAMASDBG +AiEAxlxp+G3ArhozCos4yDTtLSB4sZ8496/R0WAlUqRLeRYCIQDKszlCeQNZB83Y +XGVCkPV+unVCmfKuuUJei1Md9GHjhjANBgkqhkiG9w0BAQsFAAOCAQEAg/1URGZb +xq8lMzrDb95Exkqm45FHLVbifPBSqiyCVtqa9VWDkyAQqCHhaCCB0N1YmCZGbXZy +HefWc8f/v4Kxam/8IpUXAH7U7sWZhX6p1yRn6Z5+FnWoyr1I6t/tDv1yBvB2EsKe +jJPLLPq41Aw6QP5EZ8Eks1VREW5aq2a+8WDJKnL3CCCtlIBh6cntADzZBBE2Zb2E +0/lM83sGLj9vAFw/PIkE/OCVobtpcj56O1UYZs/RDbLNhPUmhUhpSHSaiWU7VXeR +PoLgStsJrBZTSg1bdj8HK32lTzKcYspWwvjzbPclllxGzqKLTIdtCA9SbIl+363n +YMEkGJPyfIu4uQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFjDCCA3SgAwIBAgIQfx8skC6D0OO2+zvuR4tegDANBgkqhkiG9w0BAQsFADBM +MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv +YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMzA3MTkwMzQzMjVaFw0y +NjA3MTkwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu +IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAy +MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00Jvk5ADppO0rgDn +j1M14XIb032Aas409JJFAb8cUjipFOth7ySLdaWLe3s63oSs5x3eWwzTpX4BFkzZ +bxT1eoJSHfT2M0wZ5QOPcCIjsr+YB8TAvV2yJSyq+emRrN/FtgCSTaWXSJ5jipW8 +SJ/VAuXPMzuAP2yYpuPcjjQ5GyrssDXgu+FhtYxqyFP7BSvx9jQhh5QV5zhLycua +n8n+J0Uw09WRQK6JGQ5HzDZQinkNel+fZZNRG1gE9Qeh+tHBplrkalB1g85qJkPO +J7SoEvKsmDkajggk/sSq7NPyzFaa/VBGZiRRG+FkxCBniGD5618PQ4trcwHyMojS +FObOHQIDAQABo4IBXzCCAVswDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG +AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS9 +BbfzipM8c8t5+g+FEqF3lhiRdDAfBgNVHSMEGDAWgBSubAWjkxPioufi1xzWx/B/ +yGdToDB7BggrBgEFBQcBAQRvMG0wLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n +bG9iYWxzaWduLmNvbS9yb290cjYwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUu +Z2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjYuY3J0MDYGA1UdHwQvMC0wK6Ap +oCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yNi5jcmwwIQYDVR0g +BBowGDAIBgZngQwBAgEwDAYKKwYBBAGgMgoBAzANBgkqhkiG9w0BAQsFAAOCAgEA +fMkkMo5g4mn1ft4d4xR2kHzYpDukhC1XYPwfSZN3A9nEBadjdKZMH7iuS1vF8uSc +g26/30DRPen2fFRsr662ECyUCR4OfeiiGNdoQvcesM9Xpew3HLQP4qHg+s774hNL +vGRD4aKSKwFqLMrcqCw6tEAfX99tFWsD4jzbC6k8tjSLzEl0fTUlfkJaWpvLVkpg +9et8tD8d51bymCg5J6J6wcXpmsSGnksBobac1+nXmgB7jQC9edU8Z41FFo87BV3k +CtrWWsdkQavObMsXUPl/AO8y/jOuAWz0wyvPnKom+o6W4vKDY6/6XPypNdebOJ6m +jyaILp0quoQvhjx87BzENh5s57AIOyIGpS0sDEChVDPzLEfRsH2FJ8/W5woF0nvs +BTqfYSCqblQbHeDDtCj7Mlf8JfqaMuqcbE4rMSyfeHyCdZQwnc/r9ujnth691AJh +xyYeCM04metJIe7cB6d4dFm+Pd5ervY4x32r0uQ1Q0spy1VjNqUJjussYuXNyMmF +HSuLQQ6PrePmH5lcSMQpYKzPoD/RiNVD/PK0O3vuO5vh3o7oKb1FfzoanDsFFTrw +0aLOdRW/tmLPWVNVlAb8ad+B80YJsL4HXYnQG8wYAFb8LhwSDyT9v+C1C1lcIHE7 +nE0AAp9JSHxDYsma9pi4g0Phg3BgOm2euTRzw7R0SzU= +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg +MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh +bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx +MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET +MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ +KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI +xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k +ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD +aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw +LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw +1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX +k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2 +SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h +bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n +WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY +rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce +MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu +bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN +nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt +Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61 +55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj +vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf +cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz +oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp +nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs +pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v +JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R +8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4 +5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/configs/nginx/ssl/dot2024.key b/configs/nginx/ssl/dot2024.key new file mode 100755 index 0000000..50b5bbd --- /dev/null +++ b/configs/nginx/ssl/dot2024.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPleRZg0Egj+gqyiGa/RXjpW +m0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZUW4lMYiEwF9jSXINlfuz +gKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wqEEE6YC09OjFRbErlF1jA +FL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897zrUwbF7aYTGwKotk6w11 +L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9ZrnJl0x+3/4XSS7ogcInUd +Fopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy16WTDLdIsCNzZpiRvbPxb +xvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2/wifmes9OlfoAV/Qlrpe +hpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIiLfpzmlqCC9EXrK0GWTl/ +K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6dtLhP3LjN+lvR7BNKTCN +hafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9toiSch6x4O/aLyFY3aO4/ +GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+uwd7w3gTvSLWR3DcCAwEA +AQKCAgBHE8zU2D9r1mZl3ymigyTgUdte/AAhvzn92rq/N29i0PFbGRV+B1FCnza1 +AWakcdykPMZX8Vg6iyCnKyzeBrZHSVFOw6/O5+jyB0XLKbyJRoSLgC0dLh26vdCW +pPnAIC1e40Lf6xJYraoQHBCcVDD0fE/MRRNPN3up62FEil18zv1GwQOglIjJRhK9 +1eE20EuhZiZjo37vDyhyFX2ZQ43FIX6/2eZttXyHO9A8I1e7CL8c+xVmVS6vmcOM +xqkJvgNtNQ7zvmjMOTVzsAuI4yEMOyrXEZEJsWZJobxBSforMb/iuDtV9k+Ap/z8 +m9nxfLQtkjj6Qvm4U9JrrLC0IJ6nFC1Xnxx71YuwVsjvJhDidS30OSRfKTnJrRBA +Elx42ymkWuYgsw7Tt50ePGNTU6YlfrRZC/nA/65vnknzR6y7BSo+X7BdPMXKf2Kh +sFossaKbdk3FGLoNBmame4pTirR17ogE2vvNhRn2v7bs76/der6uKQkTmcWHExbB +hURVXxqaNwW3nH3rL7ooByno2zaNPbX3KgI8auUqKq66lnxG5+Ggdsl2B+yQF5x/ +S4vAAb+eJlBeFcMqvBzjLKnN5mQ0j9Cw/svvl+ckdCxVriH4EmHe4WmS6L3JbG44 +P+D4ttRL2LON1BVySB659iCzZ8Ru+774yr7NvBwsUDf1ONqaQQKCAQEA+95aRS+C +YrFcI2YoePb2+49CT9+bzQZEU6c+JMKEiSGHe+1gGVKwqLqwa8KPe9glhi/389Hg +cGFdBotrZtBM2G3QMF5VtN7LYKYqVSzMGcSmrtUU0o40pTk1mdY4zGnEjeH9c/Mr +7S5mTgQGKCCC40dAUrwVIJkqPWDCfUmLwMX85UhKaAT4jbeKcczvdGmPtugimoBD +Yc3w2U7VqEKH2LaOvpGP5rK2+dINJhYds+TesMjUV5+a1PfDWJwyjExwH9mYTHuR +Ja9Spu8W6sFjwCJg0O2vdGTfSKHyHYEdR+ABhLb1nE7w/MOFSYCCpTLhUOXkiQSC +gm2Pq3XKrD6JpwKCAQEA9dnw3gwXs1qPlS4Rv2v+6vomRb9ZIxLQozGf1Vtq97qV +jB8xPXD+6tQRfu8zGxa0n8gDjYVE92BpH5bNZ51K2Xe7Ug2hnoVutOKBO31i1o7d +PXUqzbi7666i86oU5ypJEd/Djc17ihmhWX2dWoZr7UODCbTobiODtibMcbqmaJKz +9bR8P63o/DdRhrHkRRtknImwZHZ/8TNbJpTs3BT9QSfXB7FmphGPUR2JhDhyWaOm +vByVw3oMzb2getBAeHHPbEK8bygBQkKSN0Sv0hOHfU3vsPIudD0At6zXxESx86hs +QYz8Bgt0vdkDZdsCGVy/ZbH7fQUBxnX0Pj8duthK8QKCAQAtYEbFFiUYYLmnyvzZ +piyi75FT0IZCLrHanFPOzZiRGBBPnFlm1oXrMA8equOsvSktfrDeJV6ZAIGA71c/ +I6HkkAwk2qn4NvdPB0CzLanrrokVEGB6+pGzfpYQjA6ZjSiTIzbFT/cG+QgHYCQ3 +0HukNK76+NWZlN6ORkNjzP83kLPaHucAzHx3E60GiZROVcJFgpbRXPBGy5JrpA9M +DAhrW6Bl5tWVC3d5lIU36l4Zjc8s7FGNI70CR0zTRvi4XAELS+lrRgvFTUvHtWVc +j9DHyanFmjy07INpk3uKIzvCOjIr1cZ0DajO8O6vak6fMoZzS6ebo8tbch+jFUqZ +M38bAoIBAQCZRLKWK6HG7alfzmXAGbrFkQe1KdKPPBaX9sL3R1PLdyXuQi/3Zu91 +RJpXsRYCSEh46D/WxYO2WQOQbvpFI1lbc/py8A6W/gaDfEYm6UdqDYy92MLDl+yH +xMrP73OynbkKDJ8kUzs2YD4nxVkI645zT0htD7xrlXZyY4PHTx6ZSQQqJMflBy2d +t3r65wIxVx+FO42dRAcFPwgPaH61wdwU95plsGIXHBFl920Y4fvgCFdVJNj1EazT +wuk+R4A51nICwyQohB8syMXQ8OBPrl8kbicFACaXzsQYvgeR02XBSnma8CLaPeAc +zyMAJ+YKG7ky1B+91BZEPJr1B3IoXtlxAoIBADilYIz2QK+MjhkaTroe3B80yPn9 +HEZrJU97fWbwFxgj2prITitwVg4wo98/+bnyFyJUESVMZBaiE8zShHW5gmXMdChS +DUTKIp9qPB6+YHDnqixgKvRNdR8F2UErxD6Q+sqa9+w7KMjhQirEm7Ffpy+hGqKm +fT7mMAWNIV43QaHXD40xakJ+uIqjhXa09V1M+nUbhn9W6Tyqv6i5xu3iNd86MzEh +3QCbDqjtE8Dr2DcTkRXLECG9tiQHi5q0OOJPzn0bNoUFQPT8gJ3p14Q7kzhPnXo2 +qjItUwFJxX+pPx6GQgNt7BYOxRVX34VWH3iaqTVtzCLX5xpUs1fx77bZ+ww= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/configs/nginx/ssl/spottorg.crt b/configs/nginx/ssl/spottorg.crt new file mode 100644 index 0000000..6f7291f --- /dev/null +++ b/configs/nginx/ssl/spottorg.crt @@ -0,0 +1,107 @@ +-----BEGIN CERTIFICATE----- +MIIHWDCCBkCgAwIBAgIMR1M2ZLtwd9qMW0I+MA0GCSqGSIb3DQEBCwUAMFUxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSswKQYDVQQDEyJH +bG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAyMDI1MB4XDTI1MDgyNjA2NTgz +NVoXDTI2MDkyNzA2NTgzNFowGDEWMBQGA1UEAwwNKi5zcG90dG9yZy5ydTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK1M9gAXJ1OVgvx8Ar6T9udnVTz +vfEDlU/YjP6a9vNW8keHbVNr5Nk9pp9W9lUCpKi6q73AbCgKZrvfIpbZHhbpJdw8 +yl3fdMmyth7Q4y6Y2yqJZLDru2BLM/g4rdf3pbudnjXLIhwSuaYTCCp79go4QAl8 +e2jxUehXRDIOf388kykDoCHCKnRxz7fwo92oGhLwRpbk3VR5bEl80OR12KGcmsGs +VAcsUeluKe/Zo3Po4IQvMcT3tMDezYsM7HKjuE9YEyGD+kUtyE/OqoPQvFEZVU37 +uLGeHS2PVrubrHlBcTyCOige26klsI6BRi2BK4aza1ekF+z00ulxYoBP9HizISYP +sdO8NoY4bipnANDfPgNqGgnDTTWFaSEdOnj43WFaKpkHvvAWsQTaCzMm0x0ibvJV +qMUPqd/N9OCBZ9NGJYKrWGvNUMdC/gC0e3gn56wlYmKH3AICpTbJqSOPYXMXXIYE +bnCvd6Y9I2jVOSh/eDNcQOWVhhF++ox3Jpskw5/vY2DegGAqHWM/SkdgPKU8H8Av +SZt+f+3OJ7DHRgz1BYZBRUUulVUf+XjKSX4higmWzwltvP5mzDT2hN7GjeXJSoGF +DAJCWHCjRBfh0CSBQQMaWMdi4Hql29ECRaJ72vq9cLSDOu3/wcjvJdXLGy21wGq8 +ko0PizDTXVcpuWWHAgMBAAGjggNjMIIDXzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T +AQH/BAIwADCBmQYIKwYBBQUHAQEEgYwwgYkwSQYIKwYBBQUHMAKGPWh0dHA6Ly9z +ZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjZhbHBoYXNzbGNhMjAy +NS5jcnQwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2dz +Z2NjcjZhbHBoYXNzbGNhMjAyNTBXBgNVHSAEUDBOMAgGBmeBDAECATBCBgorBgEE +AaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t +L3JlcG9zaXRvcnkvMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZ2xvYmFs +c2lnbi5jb20vZ3NnY2NyNmFscGhhc3NsY2EyMDI1LmNybDAlBgNVHREEHjAcgg0q +LnNwb3R0b3JnLnJ1ggtzcG90dG9yZy5ydTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI +KwYBBQUHAwIwHwYDVR0jBBgwFoAUxbSTj28r3B5Iv7cQMIXO0bK7SC0wHQYDVR0O +BBYEFGlk4BROneHJoVeE4xE68H/mDAyNMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFo +AWYAdQDLOPcViXyEoURfW8Hd+8lu8ppZzUcKaQWFsMsUwxRY5wAAAZjlK+2GAAAE +AwBGMEQCIFwLrtC0boMJ90PMJWhfF1cXMabJLDOg57nNoDF24XSaAiByzqW3ROEI +gOmpDc+1KQ6mY77My2hK9KAWDnIPo+yGFQB1AMIxfldFGaNF7n843rKQQevHwiFa +Ir9/1bWtdprZDlLNAAABmOUr7v0AAAQDAEYwRAIgaWO2C4oqrbnAPgoIOu8DktTz +yIIhJ5SyJGtNneDwCEMCIAqpDRyLujpDoh2ac0tSjVM0bj198mOOSEoawW9WINON +AHYAlLHBirDQV8R74KwEDh8svI3DdXJ7yVHyClJhJoY7pzwAAAGY5SvvdwAABAMA +RzBFAiAG8aDXU8rCCPDlK5Qge9bcmL+LUMAIj4VT1XXGymiTPAIhAI+4KobdPzF+ +9RypS2t5xvM7+lv2LIjpySplfWclXGW+MA0GCSqGSIb3DQEBCwUAA4IBAQCBQgLv +mXtwPMI4b8eqBtVCHYEJf4WNJYA16mfwQ3Vgi7p8q+UmQ+62EMxatuBLevTO1HlQ +bLBF+vveWMrvLctsl87V6gQXrQL36Fk7u/q70lySI9MGdj9BkD+zEtPGiyyioGiK +0k1iUzMlHvHG8fo870Jqd1XcINSPpfxHALheZyoxnqE8wU1PraPg2nMuxfY8JWAH +/0VI+66IwiVW/KqtLQdliX7E/QOzcrQMdHXIDSTqJA0bR1NLJ2+j7mP9bJrVRgZU +r/LxtfPCQTWUAS1vK5EtyqegvGZy3agpYnUigqEMhdkX2nGGPozG6rDcMEz7tMYy +i2Vig1FrGRjrhH8n +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIRAIN9TriekS/nLK07x2kt3CAwDQYJKoZIhvcNAQELBQAw +TDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkds +b2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMjUwNTIxMDIzNjUyWhcN +MjcwNTIxMDAwMDAwWjBVMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln +biBudi1zYTErMCkGA1UEAxMiR2xvYmFsU2lnbiBHQ0MgUjYgQWxwaGFTU0wgQ0Eg +MjAyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ/oiu0Bviq52UUE +ADbFWmgu3rC7KDSMoorLN1Wd03McG3Z1aP71DlPCE33838r72Dfuj5M9LXfiQLJp +Au6MwNExmKOzothw4x0zGf5oBYyrCMGm3fBpLPafwYQ3MchBOWMTbf83rKUPLH48 +KCJ0MnU8GUl8oA/J81wIvbbKPuNrFf6hvJDccjzc4NyxLz3A89zjV2g5whCg5O0u +9YX4Zxk9JHuc/LvllOJO4waAYLjbWBJkz3rV3ts1SmSYnJqmyRTIjXwQgRvhEYqt +DbRskt0W7M6cPwCze3GTBN2UHNpHkMs3YmVxku68I0aOQn5+uz//fDROP3z1Z/7I +APteRtECAwEAAaOCAV8wggFbMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU +xbSTj28r3B5Iv7cQMIXO0bK7SC0wHwYDVR0jBBgwFoAUrmwFo5MT4qLn4tcc1sfw +f8hnU6AwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIu +Z2xvYmFsc2lnbi5jb20vcm9vdHI2MDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl +Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXI2LmNydDA2BgNVHR8ELzAtMCug +KaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjYuY3JsMCEGA1Ud +IAQaMBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggIB +AB/uvBuZf4CiuSahwiXn4geF52roAH+6jxsEPTXTfb7bbeMDXsYgRRsOTNA70ruZ +Tnz5DfFMuBhNoFhIFb0qR1izdy6VkdKOqFPNF2dOFI1EcnY9l2ory9mrzHqVbrL4 +vzUd17FLUVyjTVU7PAv4nxyhnO1GTeT83YlrdRF31NyR6bvZVTEERHmpbWSgeveJ +LRtaMzlGWiLZ8IwkH7o6GH3jp/KPtDW4Npu8w64HrRZdN2pqQhi7+YKwfHM7H+2U +dM1BGN0sjOWMVbMSB9MtCsleS2Mb7TRZEbOHxECJLLIluQypZr7Pol3+hAqrhyKI +k+6y+Da0NeDuWxW59Ku4NvClqW1UFX1SpfNGhzVfp/CH+vPM1tySomx2jE0EnYZu +GwVucXPBsp5nUWqUV9+143glVuS7GTg9hFPjNBInn17HbCoIIQIOzj5Vd9bK3A9U +GxXNpwenDHEalCsD/4eQYDHPhFE7sNe0D/OXu+FAM02VZkARx37Jp4bDdujvgL9P +vZPR3wThvDN1CTU8Bc3xea3yKFAraKcPZLkhReQUAm2VpR+HSJRPlUpYizlF9WkL +h3KcAVCBJWvnOkVwxyU5QJMcnwW95JlOtx+9100GL99jHE5rs3gXp7F4bg8H01QT +9jVOhBBmQ7nQoXuwI0tqal2QUqZz3eeu62CU7xBwtfYR +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg +MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh +bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx +MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET +MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ +KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI +xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k +ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD +aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw +LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw +1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX +k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2 +SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h +bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n +WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY +rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce +MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu +bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN +nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt +Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61 +55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj +vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf +cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz +oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp +nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs +pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v +JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R +8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4 +5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA= +-----END CERTIFICATE----- diff --git a/configs/nginx/ssl/spottorg.key b/configs/nginx/ssl/spottorg.key new file mode 100644 index 0000000..de3b04b --- /dev/null +++ b/configs/nginx/ssl/spottorg.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAwrUz2ABcnU5WC/HwCvpP252dVPO98QOVT9iM/pr281byR4dt +U2vk2T2mn1b2VQKkqLqrvcBsKApmu98iltkeFukl3DzKXd90ybK2HtDjLpjbKolk +sOu7YEsz+Dit1/elu52eNcsiHBK5phMIKnv2CjhACXx7aPFR6FdEMg5/fzyTKQOg +IcIqdHHPt/Cj3agaEvBGluTdVHlsSXzQ5HXYoZyawaxUByxR6W4p79mjc+jghC8x +xPe0wN7NiwzscqO4T1gTIYP6RS3IT86qg9C8URlVTfu4sZ4dLY9Wu5useUFxPII6 +KB7bqSWwjoFGLYErhrNrV6QX7PTS6XFigE/0eLMhJg+x07w2hjhuKmcA0N8+A2oa +CcNNNYVpIR06ePjdYVoqmQe+8BaxBNoLMybTHSJu8lWoxQ+p38304IFn00YlgqtY +a81Qx0L+ALR7eCfnrCViYofcAgKlNsmpI49hcxdchgRucK93pj0jaNU5KH94M1xA +5ZWGEX76jHcmmyTDn+9jYN6AYCodYz9KR2A8pTwfwC9Jm35/7c4nsMdGDPUFhkFF +RS6VVR/5eMpJfiGKCZbPCW28/mbMNPaE3saN5clKgYUMAkJYcKNEF+HQJIFBAxpY +x2LgeqXb0QJFonva+r1wtIM67f/ByO8l1csbLbXAarySjQ+LMNNdVym5ZYcCAwEA +AQKCAgEAk1LwK1v6t7vyN4+UhXnous+DoCfdbGO9snC0HmG6wVzkbWL3Qcu9mPKh +BKeUM7aQSGsWT7ktHQ7htP2c+m7F6af30bDdnjHZ+FOUobSEcVmPW5wh6Aw19yJv +7D1WrLbhXBhjAWj2Ii+48QQthZfODuWI7qSV7E3MH/UH0KhPqEJ5RutLWr/Dx9/l +v9QA6VKsh+/uOXZqUeSeHuymUncotv/7yNdPrS3HvMxyRt1yY92tI9dh3RtgVR9A +fxoEPqnKZ57Iuu9VisqdamWBd8OU+fglJ6Bzm1F72mE+yy17TzRJLfOLdZgDtPSj +pvAB3aSC/qT7b5Dl2ZFVlPUKBvR4kRlMpZPn5bGwPRykTvgpaOtS5H0jiprfm5Jc ++ZJj6QTbpTTwWxjJIeRS/wkkd+WtGnY2Vldg4109IqcsGqf4mzhYvn7pgZin+V+/ +oYrglB0AisET6gObDdZJAIK4GXk3CePgadW8rZlGGR+FniWJdfB52oOAb6T0+gEE +yvu83u5nMQEdIj9FabJfZapcGIdz5GTaMi2/wA7C4HcosNVlLrh4pSXFWv9dgglU +ByfvWV4oq9DK2D0pwBkPq0BPLfSSkDTs3liw3stxNhIscWO+xSZ0tf4B9xGHiJbq +GHmSk4xv9GPraHoOPtvpRH0cGr26x8vai1NgxJl1lJfRMi5aHkECggEBAObNIGSX +15FmRbddv/eDyauk5nVBTb8Q5BPBHxLqk6LwEjqAT2ofeyTBgOsOUzlI9dUJnzsc +713Um4llV1iOKAapFKSFhlAGYrl+6GGjckhoicxJINw85GkmhBcMQHbn8uFYqAUy +7NPqWy4kTWFyE2rJlkOTuf4vjj4vxoKT1xYzsLTsjgaRw7LI0u7TcqRTQuSXgmpf ++5VqN3ID4d3qqID4vRLM43me6bH1XckeBMlnvazl56YnRcGfPVcm5wOhg0cvqCND +FqFmlO6q8uF8QBYeNWGNIXMUyiEr+4Cxb6sD/7cRq9r5JhAUyfj9qhNTh+QOw51r +wgejVEYc8JBHu5kCggEBANf3RHZvnOunw2Fb2lDM4G/66ckBlO8ZXY4xJWBAGf1V +mjRjzvKotwSeke8C0Qx36zF5AFmDNZ/S1JxfH1O+lIHbGJlGVAS/XYnCfY7yDB8y +77SbO7nC6mFaZroq6vooVGWfWqFYCU88VQt+E5F5gJ3nSGx67s+Az0GKrNePgo7u +7aMBPrJ5dTYXQNKiOQN2V8ktYrZtR92ruBWCp4qlHORZSU2jmTX2JNqAVZbZkZm1 +VgueX4C+miFjNrAvNESFZgAwbqyv39tCwfqBtXgD45DFhkdn3G9hKkJNqpOCFSA9 +//tIe1c2MQjObS4IfoP7Pp3e4YKqBmN6V9i9QxAT3h8CggEACoFVsx5yMm0MSU9c +GIEIIebsknO5fTPgncGRj4Pb2nPA8Ka8dqEeMssX+hr50MawYdUBSWiEwKmXtsZF +FoPJ8Jurk918ApJ31eef3inZXtBbTVAazct7vgmBw6bMHF1sYbNuWmY5/19QbSY7 +226c0aSBUWwc8CPr/oqgJ3thM+KAbYvC3yutU6ruZu567l3X0p3O0taxldhy0563 +nik7KDuqJ3vp8rQ4AOChNzFFmIE/UepZA+gPtcNwwFHF/BVS61+Q8KHyGsCXkNF5 +IqhMJnWTinApEJrmpGHjHbV11rvk3MlSIDJs+BhqJQouvphzu/6sCrNH7p8Ri+tv +S7HoKQKCAQEAx9ariDhhaQI03csj6e6ao6P3XqNTEChVlLTPVBAcvHnQljfhEFOj +/udIPHVLwZDZlk7UTwAFx91MFWJD17cbLknxqisUpcv6HvZUPsilBN2aR3H5Qzwk +q27+bbg29MIKzno1X+TZwHMgcuD39H4M0JBqSM88WdBkd859f33xHpfiVxpYzMds ++V9tATtRLG3+b07K7+mRPYKfdXAP3lBIutgP54LBy9f3ZCSqjkrG2wecFmY3EyfL +8acfvMoBQIJ7zyMB1lNr/jT4z/fkVqiqk5TjWwG1TW8Iro+1jocpS0tzqi74yst/ +dhmll5oOj8wVtfm+jK0N+lEEJq+C9cacmwKCAQAgC6rj3jP7Gra/KGrJwZiIGLwG +6RaWvu26AYFyfyMcQ/gvftQlctw8LcEbGFOs8obYkNMUogzZmvn4q2pQRrceHdts ++wHZYDMdbq26nDD7lzHnGI1ZjKJkIVmpBUf0p59Czwf1QWdq7XKxPFjr+/x9VvVK +N+Xf9OTANaL2vMsNTco1FWTJYgfXowVIeTThiaIfscWY40mUi0DtSG7atebDRF4L ++PKarY3Df45evA0f/joIeTUbUCBAMpOmWIDKO23wWL1JyS45ELmuPJSx7unj8Hwf ++MwDBlAVWn4ZNmA+k12nxuiPsxMWtJvEXgixbN+5hCxKOESSofLOOjOmIuJS +-----END RSA PRIVATE KEY----- diff --git a/configs/nuxt/.env b/configs/nuxt/.env new file mode 100755 index 0000000..aa8a7f4 --- /dev/null +++ b/configs/nuxt/.env @@ -0,0 +1,13 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=tqolms.spottorg.ru +API_URL=https://tqolms.spottorg.ru/ +DOMAIN=tqolms.spottorg.ru + +APP_HOST=tqolms.spottorg.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=50156956 diff --git a/configs/nuxt/entrypoint.sh b/configs/nuxt/entrypoint.sh new file mode 100755 index 0000000..350c4cb --- /dev/null +++ b/configs/nuxt/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +DOMAIN="${DOMAIN:-tqo.spottorg.ru}" + +for x in $(grep -lrw "tqo.spottorg.ru" .nuxt/);do + echo "replace tqo.spottorg.ru to https://${DOMAIN} in $x" + sed -i -e "s/tqo.spottorg.ru/${DOMAIN}/g" $x; +done + +"$@" diff --git a/configs/php/.env b/configs/php/.env new file mode 100755 index 0000000..f78ae7a --- /dev/null +++ b/configs/php/.env @@ -0,0 +1,166 @@ +APP_SECRET=c35a0abba25a5396d74ec17fca238d9a + +CONTAINER_NAME=php + +LOCK_DSN=flock +PHP_SOCKET_PORT=8080 + +DATABASE_URL_DOT=mysql://root:seeFiethae8enga6ohNi@db:3306/dot?serverVersion=mariadb-10.3.25 +DATABASE_URL_DOT_STATISTIC=mysql://root:seeFiethae8enga6ohNi@db:3306/dot_statistic?serverVersion=mariadb-10.3.25 + +DOCUMENT_ROOT=/application +APP_HOST=lmstqo.spottorg.ru +APP_SCHEME=https + +MAILER_DSN=null://null + +WKHTMLTOPDF_PATH="xvfb-run /usr/bin/wkhtmltopdf --enable-local-file-access" + +SP_WSDL=http://91.208.205.54:84/orawsv/XMLWEB/ +SP_LOGIN=xmlweb +SP_PASSWORD=xmlweb +SP_KEY=secret +SP_TEST=true + +SP_V3_URL=https://spasskievorota.ru/services/test/cargo_3.php +SP_V3_KEY=secret + +DEFAULT_EMAIL=no_reply@spottorg.ru +ADMIN_EMAIL=change.this@spottorg.ru +ACCOUNTANT_EMAIL=noreplay@spottorg.ru +SALES_EMAIL=sale.ftl@spottorg.ru +LOGIST_EMAIL=nd@spottorg.ru +LEAD_EMAIL=change.this@spottorg.ru +VOSTOK_EMAIL=vostok@spottorg.ru + +SMSC_LOGIN=secret +SMSC_PASS=secret + +DADATA_API_TOKEN=secret +DADATA_API_SECRET=secret + +UNISENDER_API_KEY=secret + +VOICIA_API_KEY=7589ed2721e50e299eb3baf2e3100a6b +VOICIA_API_URL=https://app.voicia.ru + +UAT_1C_API_URL=http://1c.nwtlk.ru/UATtest/hs +UAT_1C_USER=secret +UAT_1C_PASSWORD=secret + +FNS_ACCESS_TOKEN=secret + +GOOGLE_MAPS_ACCESS_KEY=secret +GOOGLE_MAPS_BASE_URL=https://maps.google.com + +ML_CALCULATOR_URL=https://calc.dev.tqo.spottorg.ru/v1/calculate + +ML_REGULAR_DIRECTION_URL=https://calc.dev.tqo.spottorg.ru/v2/schedule/transport +ML_REGULAR_DIRECTION_CHAIN_URL=https://calc.dev.tqo.spottorg.ru/v1/schedule/chains +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://calc.dev.tqo.spottorg.ru/v1/schedule/carrier/scoring +ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://calc.dev.tqo.spottorg.ru/v1/schedule/chains/carrier/scoring +ML_UNCERTAIN_DIRECTIONS_URL=https://calc.dev.tqo.spottorg.ru/v1/classification/direction/uncertain + +YANDEX_MAPS_ACCESS_KEY=secret +YANDEX_MAPS_BASE_URL=https://api.routing.yandex.net + +GRAFANA_ADMIN_PASSWORD=admin +GRAFANA_API_URL=http://grafana:3000 +GRAFANA_PUBLIC_URL=http://grafana.dot-dot.local + +THREESELLER_USERNAME=savrickijj@rambler.ru +THREESELLER_PASSWORD=123123 + +ATISU_CLIENT_ID=f26841019e0243418395d44ed7430f2a +ATISU_APIKEY=cf6e8c5975f04047a4e39004e2ce07f3 + +###> google/apiclient ### +ANALITIC_GOOGLE_CLIENT_ID=secret +ANALITIC_GOOGLE_CLIENT_SECRET=secret +ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://localhost/admin/analitic/google-callback +###< google/apiclient ### + +###> telegramm ### +TELEGRAM_URL=https://api.telegram.org/ +TELEGRAM_BOT_TOKEN=secret +TELEGRAM_CHAT_ID=secret +###< telegramm ### + +DEFAULT_SLUG=dotdot + +###> voicia ### +VOICIA_CALL_ID=secret +###< voicia ### + +###> openssl_encrypt parameters ### +OPENSSL_CIPHER=aes-128-gcm +OPENSSL_PASS_PHRASE=secret +OPENSSL_IV=secret +###> openssl_encrypt parameters ### + +TKKIT_API_TOKEN=secret +TKKIT_API_URL=https://capi.tk-kit.com + +###> BAIKAL### +BAIKAL_API_KEY=secret +###< BAIKAL### + +TELEGRAM_CHAT_BOT_ACCESS_TOKEN=secret + +###> NORDWHEEL### +NORDWHEEL_API_URL=https://nordw.ru +###< NORDWHEEL### + +JDE_API_URL=https://api.jde.ru + +###> SKIF### +SKIF_API_URL=sekret +SKIF_API_LOGIN=sekret +SKIF_API_PASSWORD=sekret +###< SKIF### + +###> DPD ### +DPD_PATH=https://ws.dpd.ru/services/ +DPD_CLIENT_NUMBER=secret +DPD_CLIENT_KEY=secret +###< DPD### + +###> SOVKOM### +SOVKOM_API_KEY=secret +SOVKOM_API_URL=secret +###< SOVKOM### + +MAGIC_API_URL=https://magic-trans.ru/ + +MAGIC_API_URL=https://magic-trans.ru/ + +SMS_PROVIDER=prostor-sms +PROSTOR_SMS_END_POINT_URL=http://api.prostor-sms.ru +PROSTOR_SMS_LOGIN=secret +PROSTOR_SMS_PASSWORD=secret + +ACCOUNTING_AUDIT_URL=https://crm.tqo.spottorg.ru +ACCOUNTING_AUDIT_LOGIN=secret +ACCOUNTING_AUDIT_PASSWORD=secret + +APP_LMS_HOST=lmstqo.spottorg.ru +APP_CARGO_CARRIER_HOST=tqo.spottorg.ru + + +QUEUE_DSN_AUCTION_CARRIER_VERIFICATION=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/AUCTION_CARRIER_VERIFICATION + +###DD-3816### +###> KONTUR_DIADOC### +API_KONTUR_DIADOC_END_POINT_URL=https://diadoc-api.kontur.ru +API_KONTUR_DIADOC_API_TOKEN=API-3701ccdb-7bdf-4f29-bbe0-3a0278eee913 +API_KONTUR_DIADOC_LOGIN=LOGIN +API_KONTUR_DIADOC_PASSWORD=PASSWORD +API_KONTUR_DIADOC_SELF_BOX_ID='322d597d-964d-48a8-baa5-2380161826f8' +###< KONTUR_DIADOC### + +###> KONTUR_DIADOC### +SIGNER_DOCS_API_URL=https://testcsigner.tqo.spottorg.ru +SIGNER_DOCS_API_TOKEN=secret +SIGNER_URL=https://testcsigner.tqo.spottorg.ru +SIGNER_API_TOKEN='siofdhgt2349875t3iqhf1h2g*^&^%&^GHJGJCxgf' +###< KONTUR_DIADOC### diff --git a/configs/php/.env.local b/configs/php/.env.local new file mode 100755 index 0000000..0c1a7e8 --- /dev/null +++ b/configs/php/.env.local @@ -0,0 +1,203 @@ +CONTAINER_NAME=php + +APP_ENV=dev +NotificationBuildServicejSP_KEY=16e93b225c730920ac5741a8d8df788f + +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +DADATA_API_SECRET=1ea37a4d310e7a6ac64211ffe5686363f04d4e68 + +ROISTAT_API_KEY=c63a71dd721df7f1b1d7b5803a84ccc7 +ROISTAT_PROJECT_ID=166751 + +UNISENDER_API_KEY=6ugo1c6yqfux9wrs8pbaom3izz9pc9huetqbdo9y + +GTD_ACCESS_TOKEN=cznMwszlx-5X_F7uQbg-uaPFhqmBP28z + +FNS_ACCESS_TOKEN=a5639b93fe4e7c9a3f1dd85537e066d36439c352 + +GOOGLE_MAPS_ACCESS_KEY=AIzaSyBCPl2LcpRvplzLUNVMVLhA3b7k46lTCTg + +NUXT_BASE_URL=tqolms.spottorg.ru + +ATISU_API_TOKEN=46b599c3ab7f4574b560f48ea005d9f3 + +###> google/apiclient ### +ANALITIC_GOOGLE_CLIENT_ID=672035500859-n6cq8lb393rs5f7q46pnjrc6u9hjiomg.apps.googleusercontent.com +ANALITIC_GOOGLE_CLIENT_SECRET=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 +ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://dot-dot.local/admin/analitic/google-callback +###< google/apiclient ### + +###> telegramm ### +TELEGRAM_BOT_TOKEN=5807192360:AAHSUZcWeY1bC7aqdmcYXOfb1CYyK0xx0Cc +TELEGRAM_CHAT_ID=-875661421 +###< telegramm ### + +###> voicia ### +VOICIA_CALL_ID=1949 +###< voicia ### + +###> ml_calculator ### +ML_CALCULATOR_URL=https://ml.dot-dot.ru/v2/classification/order/relevance +###< ml_calculator ### + +###> comagic ### +COMAGIC_URL=https://dataapi.comagic.ru/v2.0 +COMAGIC_KEY=j769gveux0brdq7wb6insegwtczvz7nsqmuntkqv +###< comagic ### + +###> carrier_scoring ### +ML_CARRIER_SCORING=https://ml.dot-dot.ru/v2/classification/carrier/scoring +###< carrier_scoring ### + +###> direction_scoring ### +ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v3/classification/direction/confidence +###< direction_scoring ### + +###> direction_recalculate ### +ML_DIRECTION_RECALCULATE_URL=https://ml.dot-dot.ru/v2/schedule/calculate +###< direction_recalculate ### + +###< Vozovoz ### +VOZOVOZ_API_KEY=5Thue256i0n5jXpB8vQfzng0VNJKGDar7ol5x0iD +VOZOVOZ_API_URL=https://vozovoz.ru/ +###> Vozovoz ### + +###< Pek ### +PECOM_API_LOGIN=TochkaTochka +PECOM_API_PASSWORD=EB77132653DD37BCD4EF591968F504CFB04BDFC4 +PECOM_API_URL=https://kabinet.pecom.ru/ +###> Pek ### + +###< TkKit ### +TKKIT_API_TOKEN=FKIICpqz25v10RuFcNorHACFdhEtkQK8 +TKKIT_API_URL=https://capi.tk-kit.com/ +###> TkKit ### + +###> Baikal ### +BAIKAL_API_KEY=NjJiZjdiMjU0N2Y4ZTk5OTY3OTY3OGUxM2VjZjA3N2M6 +BAIKAL_API_URL=https://api.baikalsr.ru/v2 +BAIKAL_API_PARTNER_GUID=PROVERKA +###< Baikal ### + +###> DelovieLinii ### +DELLIN_API_KEY=BE38996C-F722-4691-BCF3-640B76DAB18B +DELLIN_API_URL=https://api.dellin.ru/ +DELLIN_PASSWORD=Logistika01 +DELLIN_LOGIN=km@spottorg.ru +###< DelovieLinii ### + +###> JelDorEksp ### +JDE_API_USER=2252131242955194 +JDE_API_TOKEN=159687460352596660 +###< JelDorEksp ### + +###> Nordweel ### +NORDWHEEL_API_URL=https://nordw.ru/ +###< Nordweel ### + +###> SKIF ### +SKIF_API_URL=http://api.skif-cargo.ru/integrations/ws/orders.1cws +SKIF_API_LOGIN=DotDotAPI +SKIF_API_PASSWORD=H*GYU#7g8YG*#! +###< SKIF ### + +###> DPD ### +DPD_CLIENT_NUMBER=1001066989 +DPD_CLIENT_KEY=8D52BF0F4D272FA91AF7B8EFC64C74EA31B89C4D +###< DPD ### + +PAPA_FINANCE_LOGIN=DotDotAPI +PAPA_FINANCE_PASSWORD=DotDotAPI +PAPA_FINANCE_API_URL=DotDotAPI +###> SOVKOMTEST### +SOVKOM_API_KEY=AAk6UcV88xCCC26654rM +SOVKOM_API_URL=https://testout.sovcomins.ru +###< SOVKOMTEST### + +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v2/schedule/carrier/scoring + +ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport + +ACCOUNTING_AUDIT_URL="https://crm.dot-dot.ru/TTLBuhreport/hs/TT/reconciliationreport" + +###> YandexTracker ### +YTRACKER_API_TOKEN="y0_AgAEA7qkKFmeAAjF8AAAAADXovQd6htdkt7LTDW_sNHCz7qV9zdVHaQ" +YTRACKER_ORGANISATION_ID=355207 +###< YandexTracker ### + +SMARTCAPTCHA_SERVER_KEY=ysc2_GLQZ8QPaFh0eXqZ5KaRMuRRZOX7qNNMy7P9Mq82V6c4e7b81 + +###> sentry/sentry-symfony ### +SENTRY_DSN="https://69bb249adbab80b23cf043b276a27fde@sentry.spottorg.ru/4" +SENTRY_SERVER_NAME=pre-prod +SENTRY_SERVER_USER_NAME=admin +###< sentry/sentry-symfony ### + +ML_CALCULATOR_TRADE_ONLY_URL=https://ml.dot-dot.ru/v1/tender/price + +ML_REGULAR_DIRECTION_HISTORY_ORDER_URL=https://ml.dot-dot.ru/v1/schedule/transport/orders + +#QUEUE_DSN_OC_CARRIER_OFFERS=amqp://guest:guest@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +#QUEUE_DSN_STATISTIC_EXPORT=amqp://guest:guest@rabbitmq:5672/%2f/STATISTIC_EXPORT +QUEUE_DSN_OC_CARRIER_OFFERS=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +QUEUE_DSN_STATISTIC_EXPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/STATISTIC_EXPORT +QUEUE_DSN_RELEVANT_CARRIER_EXPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/RELEVANT_CARRIER_EXPORT +QUEUE_DSN_ORDER_IMPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/ORDER_IMPORT +QUEUE_DSN_WS_ORDER_STATE_UPDATE=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/WS_ORDER_STATE_UPDATE +QUEUE_DSN_NOTICE=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/NOTICE +QUEUE_DSN_SELECT_DIRECTION_PUSH=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/SELECT_DIRECTION_PUSH + +CRYPTOPRO_PATH='/opt/cprocsp/bin/amd64/cryptcp -sign -dn '"ООО ""ТОЧКА-ТОЧКА ЛОГИСТИКА"""' -der' +SIGNED_DOC_PATH="/application/var/documents/signeddocs" +ABSOLUTE_SIGNED_DOC_PATH="/home/ddadmin/demolms/signeddocs" +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" + + +###> API_KONTUR_FOCUS### +USER_TRUST_API_KONTUR_FOCUS_END_POINT_URL=https://focus-api.kontur.ru +USER_TRUST_API_KONTUR_FOCUS_API_TOKEN=3208d29d15c507395db770d0e65f3711e40374df +USER_TRUST_CHECK_BACKEND=true +###< API_KONTUR_FOCUS### + +QUEUE_DSN_USER_TRUST=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/USER_TRUST + + +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" + +### DD-3326 check_carrier&drivers in OTK 2_Step ### +OTK_API_END_POINT_URL="https://test-api.otk.su" +OTK_API_TOKEN="Q5vBE9jusg38Rk7wHt2bzycT4K6pePFZ" +### DD-3326 check_carrier&drivers in OTK 2_Step ### + +ACCOUNTING_AUDIT_LOGIN=ReportServis +ACCOUNTING_AUDIT_PASSWORD=fE7mubiv + +ML_CALCULATOR_SPOT_URL=https://ml.dot-dot.ru/v1/price_calculator/spot + +###DD-3705### +ML_CARRIER_SCORING=https://ml.dot-dot.ru/v3/classification/carrier/scoring +QUEUE_DSN_RELEVANT_CARRIER_EXPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/RELEVANT_CARRIER_EXPORT +###DD-3705### + +PLATFORM_NAME=СПОТТОРГ + +APP_LMS_HOST=tqolms.spottorg.ru +APP_CARGO_CARRIER_HOST=tqo.spottorg.ru + + +###> KONTUR_DIADOC### +SIGNER_DOCS_API_URL=https://stagingsigner.spottorg.ru +SIGNER_DOCS_API_TOKEN='siofdhgt2349875t3iqhf1h2g*^&^%&^GHJGJCxgf' +###< KONTUR_DIADOC### + + +QUEUE_DSN_AUCTION_CARRIER_VERIFICATION=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/AUCTION_CARRIER_VERIFICATION + +MAILER_DSN_YANDEX=smtp://no_reply@dot-dot.ru:gqwaofmeyvxefrqk@smtp.yandex.ru:587 +MAILER_DSN=smtp://no_reply@dot-dot.ru:NRTk7rXhesHQpi3YWB92@smtp.mail.ru:465 + +CENTRIFUGAL_API_ENDPOINT_URL=http://centrifugo:8000/api +CENTRIFUGAL_API_KEY='aa7443fb-e623-4363-91ac-ef25908b1403' +CENTRIFUGAL_TOKEN_HMAC_SECRET_KEY='6085d43b-f55b-4387-9dff-3c9abf385dc8' + +TENANT=TQO diff --git a/configs/php/www.conf b/configs/php/www.conf new file mode 100755 index 0000000..302be9c --- /dev/null +++ b/configs/php/www.conf @@ -0,0 +1,455 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. The owner +; and group can be specified either by name or by their numeric IDs. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is different than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 25 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 10 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 10 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 20 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following information: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The address on which to accept FastCGI status request. This creates a new +; invisible pool that can handle requests independently. This is useful +; if the main pool is busy with long running requests because it is still possible +; to get the status before finishing the long running requests. +; +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Default Value: value of the listen option +;pm.status_listen = 127.0.0.1:9001 + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{milliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some examples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environment, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/configs/php/zz-docker.conf b/configs/php/zz-docker.conf new file mode 100755 index 0000000..363ab1f --- /dev/null +++ b/configs/php/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 0.0.0.0:9000 diff --git a/configs/rabbitmq/definitions.json b/configs/rabbitmq/definitions.json new file mode 100755 index 0000000..1dcf26f --- /dev/null +++ b/configs/rabbitmq/definitions.json @@ -0,0 +1,151 @@ +{ + "rabbit_version": "3.12.1", + "rabbitmq_version": "3.12.1", + "product_name": "RabbitMQ", + "product_version": "3.12.1", + "users": [ + { + "name": "ddadmin", + "password_hash": "iitSzcQJwX/NeX6ENPfc3ITxfyWBAwz4+8Cz1yZBzibz5zHv", + "hashing_algorithm": "rabbit_password_hashing_sha256", + "tags": [ + "administrator" + ], + "limits": {} + }, + { + "name": "guest", + "password_hash": "Yn3TgLYeK0bubvTm0HXfYnqh39XM2sCaA3C6b/fN928iFB8E", + "hashing_algorithm": "rabbit_password_hashing_sha256", + "tags": [ + "management" + ], + "limits": {} + } + ], + "vhosts": [ + { + "name": "/" + } + ], + "permissions": [ + { + "user": "ddadmin", + "vhost": "/", + "configure": ".*", + "write": ".*", + "read": ".*" + }, + { + "user": "guest", + "vhost": "/", + "configure": ".*", + "write": ".*", + "read": ".*" + } + ], + "topic_permissions": [ + { + "user": "guest", + "vhost": "/", + "exchange": "", + "write": ".*", + "read": ".*" + } + ], + "parameters": [], + "global_parameters": [ + { + "name": "internal_cluster_id", + "value": "rabbitmq-cluster-id-IdnQKai-TysuN7ZwZMtH5w" + } + ], + "policies": [], + "queues": [ + { + "name": "OC_CARRIER_OFFERS", + "vhost": "/", + "durable": true, + "auto_delete": false, + "arguments": {} + }, + { + "name": "STATISTIC_EXPORT", + "vhost": "/", + "durable": true, + "auto_delete": false, + "arguments": {} + }, + { + "name": "USER_TRUST", + "vhost": "/", + "durable": true, + "auto_delete": false, + "arguments": {} + } + ], + "exchanges": [ + { + "name": "STATISTIC_EXPORT", + "vhost": "/", + "type": "fanout", + "durable": true, + "auto_delete": false, + "internal": false, + "arguments": {} + }, + { + "name": "USER_TRUST", + "vhost": "/", + "type": "fanout", + "durable": true, + "auto_delete": false, + "internal": false, + "arguments": {} + }, + { + "name": "OC_CARRIER_OFFERS", + "vhost": "/", + "type": "fanout", + "durable": true, + "auto_delete": false, + "internal": false, + "arguments": {} + }, + { + "name": "delays", + "vhost": "/", + "type": "direct", + "durable": true, + "auto_delete": false, + "internal": false, + "arguments": {} + } + ], + "bindings": [ + { + "source": "OC_CARRIER_OFFERS", + "vhost": "/", + "destination": "OC_CARRIER_OFFERS", + "destination_type": "queue", + "routing_key": "", + "arguments": {} + }, + { + "source": "STATISTIC_EXPORT", + "vhost": "/", + "destination": "STATISTIC_EXPORT", + "destination_type": "queue", + "routing_key": "", + "arguments": {} + }, + { + "source": "USER_TRUST", + "vhost": "/", + "destination": "USER_TRUST", + "destination_type": "queue", + "routing_key": "", + "arguments": {} + } + ] +} \ No newline at end of file diff --git a/configs/rabbitmq/enabled_plugins b/configs/rabbitmq/enabled_plugins new file mode 100755 index 0000000..318ea04 --- /dev/null +++ b/configs/rabbitmq/enabled_plugins @@ -0,0 +1 @@ +[rabbitmq_management,rabbitmq_prometheus]. \ No newline at end of file diff --git a/configs/rabbitmq/rabbitmq.conf b/configs/rabbitmq/rabbitmq.conf new file mode 100755 index 0000000..916cb91 --- /dev/null +++ b/configs/rabbitmq/rabbitmq.conf @@ -0,0 +1 @@ +management.load_definitions = /etc/rabbitmq/definitions.json \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..c30ba6c --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,228 @@ +volumes: + certbot_volume: + nginx_log_volume: + mysql_data_volume: + mysql_backup_volume: + php_var_volume: + rabbitmq_volume: + redis_volume: + php_support_volume: + + +x-defaults-php: &defaults-php + image: registry.dot-dot.ru/dot-dot:${DOTDOT_TAG} + restart: unless-stopped + user: www-data + volumes: + - ./configs/php/.env:/application/.env + - ./configs/php/.env.local:/application/.env.local + - ./configs/php/zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf + - php_var_volume:/application/var + - /etc/letsencrypt:/etc/letsencrypt + - php_support_volume:/application/var/support-issue + - ./configs/php/www.conf:/usr/local/etc/php-fpm.d/www.conf + - ./configs/php/firebase-fcm-dotdot-key.json:/application/config/firebase-fcm-dotdot-key.json + depends_on: + - db + - rabbitmq + extra_hosts: + - "lmstqo.spottorg.ru:192.168.90.100" + - "tqo.spottorg.ru:192.168.90.100" + - "admintqo.spottorg.ru:192.168.90.100" + networks: + - dd + +networks: + dd: + name: ${NETWORK} + ingress: + external: true + +services: + db: + image: mariadb:10.3.25 + restart: unless-stopped + environment: + MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} + MYSQL_USER: ${MYSQL_USER} + MYSQL_DATABASE: ${MYSQL_DATABASE} + MYSQL_PASSWORD: ${MYSQL_PASSWORD} + ports: + - ${MYSQL_PORT}:3306 + volumes: + - mysql_data_volume:/var/lib/mysql + - mysql_backup_volume:/backups + networks: + - dd + + backend: + <<: *defaults-php + + php: + # TODO: Денис должен переделать и добавить + command: ./bin/console app:auction:reload + <<: *defaults-php + + statistic-export: + <<: *defaults-php + command: ./bin/console messenger:consume StatisticExport + + carrier-offers: + <<: *defaults-php + command: ./bin/console messenger:consume CarrierOffers + + user-trust: + <<: *defaults-php + command: sh -c 'while true; do echo run; ./bin/console messenger:consume UserTrust; sleep 60;done' + + auction: + <<: *defaults-php + command: sh -c 'while true; do echo run; ./bin/console app:auction:process; sleep 60;done' + + notice: + <<: *defaults-php + command: ./bin/console messenger:consume Notice + + select-direction-push: + <<: *defaults-php + command: ./bin/console messenger:consume SelectDirectionPush + + import-order: + <<: *defaults-php + command: ./bin/console messenger:consume OrderImport + + update-order: + <<: *defaults-php + command: ./bin/console messenger:consume WSOrderStateUpdate + + static: + image: registry.dot-dot.ru/dot-dot-static:${DOTDOT_TAG} + restart: unless-stopped + networks: + - dd + + nuxt: + image: registry.dot-dot.ru/front:${FRONT_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/nuxt/.env:/app/.env + - ./configs/nuxt/entrypoint.sh:/entrypoint.sh + env_file: + - ./configs/nuxt/.env + entrypoint: /entrypoint.sh + networks: + - dd + + lms: + image: registry.dot-dot.ru/lms:${LMS_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/lms/.env:/app/.env + - ./configs/lms/entrypoint.sh:/entrypoint.sh + env_file: + - ./configs/lms/.env + entrypoint: /entrypoint.sh + networks: + - dd + + admin: + image: registry.dot-dot.ru/admin:${ADMIN_TAG} + restart: unless-stopped + command: sh -c 'php-fpm -D; nginx' + volumes: + - ./configs/admin/default:/etc/nginx/sites-enabled/default + - ./configs/admin/.env:/application/.env + - ./configs/nginx/ssl:/etc/nginx/ssl + - /etc/letsencrypt:/etc/letsencrypt + depends_on: + - db + networks: + dd: + + + nginx: + image: nginx:1.25.3-alpine3.18 + restart: unless-stopped + volumes: + - ./configs/nginx/conf.d:/etc/nginx/conf.d + - ./configs/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./configs/nginx/www:/var/www + - ./configs/nginx/ssl:/etc/nginx/ssl + - ./configs/nginx/other:/etc/nginx/other + - nginx_log_volume:/var/log/nginx + - /etc/letsencrypt:/etc/letsencrypt + networks: + dd: + ingress: + aliases: + - ${NETWORK}-nginx + + rabbitmq: + image: rabbitmq:3.12.1-management-alpine + restart: unless-stopped + hostname: ${COMPOSE_PROJECT_NAME} + volumes: + - rabbitmq_volume:/var/lib/rabbitmq + - ./configs/rabbitmq/enabled_plugins:/etc/rabbitmq/enabled_plugins + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USERNAME} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} + - RABBITMQ_CONFIG_FILE=/etc/rabbitmq/rabbitmq.conf + networks: + dd: {} + + redis: + image: redis:7.2.4-alpine3.19 + restart: unless-stopped + volumes: + - redis_volume:/data + - ./configs/redis:/usr/local/etc/redis + environment: + - REDIS_PORT=6379 + networks: + dd: {} + + redis-exporter: + image: oliver006/redis_exporter:v1.59.0 + command: + - "--redis.addr=redis://redis:6379" + networks: + dd: {} + + cabinet: + image: registry.dot-dot.ru/dot_dot_cargo_carrier:${CABINET_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/cabinet/.env:/app/.env + - ./configs/cabinet/entrypoint.sh:/entrypoint.sh + env_file: + - ./configs/cabinet/.env + entrypoint: /entrypoint.sh + networks: + - dd + + landing: + image: registry.dot-dot.ru/landing:${LANDING_TAG} + command: sh -c 'nginx; php-fpm -R' + volumes: + - ./configs/landing/config.php:/application/backend/config.php + user: root + restart: unless-stopped + networks: + - dd + + centrifugo: + image: centrifugo/centrifugo:v5 + volumes: + - ./configs/centrifugo/config.json:/centrifugo/config.json + command: centrifugo -c config.json + ulimits: + nofile: + soft: 65535 + hard: 65535 + restart: unless-stopped + networks: + - dd