Created
June 22, 2011 15:03
-
-
Save scottwater/1040281 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pass in the name of the site you wich to create a cert for | |
| domain_name = ARGV[0] | |
| if domain_name == nil | |
| puts "Y U No give me a domain name?" | |
| else | |
| system "openssl genrsa -out #{domain_name}.key 1024" | |
| system "openssl req -new -key #{domain_name}.key -out #{domain_name}.csr -subj '/C=US/ST=NJ/L=Monroe/O=MyCompany/OU=IT/CN=#{domain_name}'" | |
| system "cp #{domain_name}.key #{domain_name}.key.bak" | |
| system "openssl rsa -in #{domain_name}.key.bak -out #{domain_name}.key" | |
| system "openssl x509 -req -days 365 -in #{domain_name}.csr -signkey #{domain_name}.key -out #{domain_name}.crt" | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| worker_processes 1; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| default_type application/octet-stream; | |
| sendfile on; | |
| keepalive_timeout 65; | |
| server { | |
| ### server port and name ### | |
| listen 443 ssl; | |
| server_name kickoff.dev; | |
| ### SSL log files ### | |
| access_log logs/ssl-access.log; | |
| error_log logs/ssl-error.log; | |
| ### SSL cert files ### | |
| ssl_certificate ssl/kickoff.dev.crt; | |
| ssl_certificate_key ssl/kickoff.dev.key; | |
| ### Add SSL specific settings here ### | |
| keepalive_timeout 60; | |
| ### We want full access to SSL via backend ### | |
| location / { | |
| proxy_pass http://kickoff.dev; | |
| ### force timeouts if one of backend is died ## | |
| proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; | |
| ### Set headers #### | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| ### Most PHP, Python, Rails, Java App can use this header ### | |
| proxy_set_header X-Forwarded-Proto https; | |
| ### By default we don't want to redirect it #### | |
| proxy_redirect off; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is it possible to add more than one domain here? How would you change this gist if you wanted to add kickoff2.dev to this config as well?