Certificate only for internal domain; authorize even external

parent 57bbe2c5
...@@ -35,7 +35,8 @@ services: ...@@ -35,7 +35,8 @@ services:
NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASSWORD:-changeme} NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASSWORD:-changeme}
NEXTCLOUD_DATA_DIR: /var/www/nc_data NEXTCLOUD_DATA_DIR: /var/www/nc_data
NEXTCLOUD_TABLE_PREFIX: nc NEXTCLOUD_TABLE_PREFIX: nc
NEXTCLOUD_TRUSTED_DOMAINS: ${NC_DOMAIN:-nc.local} NEXTCLOUD_TRUSTED_DOMAINS: ${NC_EXTERNAL_DOMAIN} ${NC_INTERNAL_DOMAIN}
NEXTCLOUD_INTERNAL_DOMAIN: ${NC_INTERNAL_DOMAIN}
ACME_SERVER: ${ACME_SERVER} ACME_SERVER: ${ACME_SERVER}
INSTITUTE_NAME: ${INSTITUTE_NAME:-dati sicuri per una scuola digitalmente sostenibile} INSTITUTE_NAME: ${INSTITUTE_NAME:-dati sicuri per una scuola digitalmente sostenibile}
FUSS_SERVER_FQDN: ${FUSS_SERVER_FQDN} FUSS_SERVER_FQDN: ${FUSS_SERVER_FQDN}
......
...@@ -2,7 +2,8 @@ POSTGRES_USER=pgadmin ...@@ -2,7 +2,8 @@ POSTGRES_USER=pgadmin
POSTGRES_PASSWORD=verystrongpassword POSTGRES_PASSWORD=verystrongpassword
NC_ADMIN=root NC_ADMIN=root
NC_ADMIN_PASSWORD=verystrongpassword NC_ADMIN_PASSWORD=verystrongpassword
NC_DOMAIN=your.domain.example.com NC_EXTERNAL_DOMAIN=my.access.fuss.bz.it
NC_INTERNAL_DOMAIN=nc.my.scuole.fuss.bz.it
ACME_SERVER=172.16.1.50 ACME_SERVER=172.16.1.50
INSTITUTE_NAME= INSTITUTE_NAME=
FUSS_SERVER_FQDN=my.fuss.bz.it FUSS_SERVER_FQDN=my.fuss.bz.it
......
...@@ -36,7 +36,7 @@ if [ ! -e /etc/letsencrypt/live ]; then ...@@ -36,7 +36,7 @@ if [ ! -e /etc/letsencrypt/live ]; then
--apache \ --apache \
--non-interactive \ --non-interactive \
--server https://${ACME_SERVER}:4001/acme/acme/directory \ --server https://${ACME_SERVER}:4001/acme/acme/directory \
-d ${NEXTCLOUD_TRUSTED_DOMAINS} -d ${NEXTCLOUD_INTERNAL_DOMAIN}
else else
certbot renew --server https://${ACME_SERVER}:4001/acme/acme/directory certbot renew --server https://${ACME_SERVER}:4001/acme/acme/directory
fi fi
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment