From e3003322a4ab512673dcaa7e3897b27ac2d67563 Mon Sep 17 00:00:00 2001
From: Finovy Technology <devops@finovy.tech>
Date: Thu, 12 Oct 2023 13:27:55 +0800
Subject: [PATCH] =?UTF-8?q?opt:=20=E6=94=AF=E6=8C=81=E5=AE=A2=E6=88=B7?=
 =?UTF-8?q?=E5=AE=9A=E4=B9=89https=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/docker-compose/docker-compose.yml      |  3 +++
 src/docker-compose/nginx/https.conf        | 31 ++++++++++++++++++++++
 src/docker-compose/nginx/ssl/change-me.crt |  0
 src/docker-compose/nginx/ssl/change-me.key |  0
 4 files changed, 34 insertions(+)
 create mode 100644 src/docker-compose/nginx/https.conf
 create mode 100644 src/docker-compose/nginx/ssl/change-me.crt
 create mode 100644 src/docker-compose/nginx/ssl/change-me.key

diff --git a/src/docker-compose/docker-compose.yml b/src/docker-compose/docker-compose.yml
index 0daa364e6c..c31b2ff15b 100644
--- a/src/docker-compose/docker-compose.yml
+++ b/src/docker-compose/docker-compose.yml
@@ -36,6 +36,7 @@ services:
     container_name: archery
     restart: always
     ports:
+      - "443:443"
       - "9123:9123"
     volumes:
       - "./archery/settings.py:/opt/archery/local_settings.py"
@@ -45,6 +46,8 @@ services:
       - "./archery/sql/migrations:/opt/archery/sql/migrations"
       - "./archery/logs:/opt/archery/logs"
       - "./archery/keys:/opt/archery/keys"
+      - "./nginx/https.conf:/etc/nginx/conf.d/https.conf"
+      - "./nginx/ssl:/etc/nginx/ssl"
     entrypoint: "dockerize -wait tcp://mysql:3306 -wait tcp://redis:6379 -timeout 60s /opt/archery/src/docker/startup.sh"
     env_file:
       - .env
diff --git a/src/docker-compose/nginx/https.conf b/src/docker-compose/nginx/https.conf
new file mode 100644
index 0000000000..84b1a595a1
--- /dev/null
+++ b/src/docker-compose/nginx/https.conf
@@ -0,0 +1,31 @@
+server {
+    listen 443 ssl;
+    server_name  archery.your-project.com;
+    ssl_certificate /etc/nginx/ssl/STAR_internal-project_com.crt;
+    ssl_certificate_key /etc/nginx/ssl/STAR_internal-project_com.key;
+    ssl_session_timeout  5m;
+    client_max_body_size 20M;
+    proxy_read_timeout 600s;
+
+    location / {
+        proxy_pass http://127.0.0.1:8888;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /static {
+      alias /opt/archery/static;
+    }
+
+    error_page 404 /404.html;
+        location = /40x.html {
+    }
+
+    error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+    }
+
+}
\ No newline at end of file
diff --git a/src/docker-compose/nginx/ssl/change-me.crt b/src/docker-compose/nginx/ssl/change-me.crt
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/src/docker-compose/nginx/ssl/change-me.key b/src/docker-compose/nginx/ssl/change-me.key
new file mode 100644
index 0000000000..e69de29bb2