Skip to content

Commit

Permalink
Use mkcert for local TLS certs.
Browse files Browse the repository at this point in the history
  • Loading branch information
@jezdez
jezdez committed Oct 3, 2020
1 parent e7aad15 commit 5a1c470
Show file tree
Hide file tree
Showing 5 changed files with 73 additions and 2 deletions.
9 changes: 8 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.PHONY: bash npm-build npm-install build clean db-migrate db-upgrade redis-cli run shell start stop update test pytest container-build envvar ci
.PHONY: bash npm-build npm-install build clean db-migrate db-upgrade redis-cli run shell start stop update test pytest container-build envvar ci cert trust

bash:
docker-compose run --rm web bash
Expand Down Expand Up @@ -52,3 +52,10 @@ envvar:
cp .env-dist .env

ci: envvar test

trust:
@command -v mkcert || (echo "mkcert command not found. Please install first, see https://github.com/FiloSottile/mkcert" && exit 1)
mkcert -install

cert: trust
cd certs && mkcert jazzband.local "*.jazzband.local" jazzband.local localhost 127.0.0.1 ::1 && cd ..
2 changes: 1 addition & 1 deletion Procfile.dev
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
web: flask run -h 0.0.0.0 -p 5000 --cert=adhoc
web: flask run -h 0.0.0.0 -p 5000 --cert=certs/jazzband.local+5.pem --key=certs/jazzband.local+5-key.pem
worker: flask spinach
9 changes: 9 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,15 @@ This app renders https://jazzband.co.
Install Docker. Run `make build`. This will create a set of Docker
containers with all backends and dependencies.

The Jazzband site uses a self-signed TLS certificate for development to be able
to reproduce the production environment as close as possible. To that effect
it's required to install [`mkcert`](https://github.com/FiloSottile/mkcert)
in your system's certificate trust store (once). To do that install `mkcert`
by following the installation instructions and then run `make trust`.

In case the embedded self-signed certificates are outdated you can recreate
them by running `make cert`.

## Running

Run `make run` to run the development server and worker.
Expand Down
28 changes: 28 additions & 0 deletions certs/jazzband.local+5-key.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDUvxoPQ3/1Dvi3
0Em2TBh0xNNLZIugoijZi8X7LvhEUSm+IaYlx0KOr/yIaEecL8oHo0EbhvKALJMf
TexSnNxMBNFQ7Mwdhm8kSz5cpzEj7M9uWXCCb7/sdvMNBcpqheVorsH6m2pYkHRl
1+xj8qt1uVHhYDs83d2VSu8Ir5BwUu+Ftjtvoru2H9sO46q5qt9zweHQcswbDJVO
8b8QEy4juPw3TtMSnqdJCuHvCgf6ESR8+oCAWUmJ/j0kA9oIPBAAVfWN6kCcsv+t
PM6drpnpmh9BxvNiModrYjotT1NwLJdmBzg1+EfkDURxRQnwivogxFUYPTd0p4wW
Odv5q9HtAgMBAAECggEBALwt4S4ZJaisuoFUgq719jfrFX69i+flJ77trIx2ynEb
XZHpD56g9xVhQz2hB552gvxogiGIJx4Kz4PEGEImr5GqPT+YhR+kltCCocGwvX2q
bPyNrkAh+qB9wpUFRzsb/oSu97PlHpcCB4NCD72Em/cAmhWBWkSHdwUkB/Ul3dwL
Uuk2UWLN2/7949b/f61loLI6Le+lpCAAZoSrB9cn8tyVSYUSqfZL0TH/uqJG9jTT
P/ljoRRu1dmCbsc8v7eyLRArilmyuaR7qqF2gpn3WnN70UzqRU+u2xPcV4Ly6Hbs
i08gGpYkQOR3yGjRpxcDBDuHFboa4ExC00AShnTzHcECgYEA4VztjXpv7UC2yTCC
+Lk9K/682mEGT+fgmfb5WkHMDLtzWAQojhuErX2Th/hWjV1TYR8P9t4cC7fjpbnK
VMWKwWYiqRuwrOToZFHjdmpNtf/CnGUovYHkHNQRTFqtnlYBpovkgmLHpBXnaK8y
lJMY+wFG0vwm/JPQP5aTs3Or0hECgYEA8asYQYcHELuFk6oRH0Db3a9cq9qURXMz
BNRIV3ERKR2V3EHB31YjWDwr0/bcoqeLqs0oChGG05xXIrp2wC7sBVdb9vUNmXZh
5jyPF992gorahiGELR1gZmbCOCd5E7XQpaoD7lHZtAySV379jqUCM1iV1xI9lcDX
TQ0U72ceph0CgYARVoboJY1K4XmujM7mt8mfAuAgpOpJZ3t+HOQeL4W1TQ6YrOk5
1aAlgM3C3jY6df2eMTeXNItP03vuGhcY4oHEU0lDXWAATTQb07j+OTt1TxH32kiC
G+Yi2aXjC+7jiZZi68xOw668TvsYsLHhgFehp/186e1N7UlOOxVt7u4/IQKBgQCu
kgZCh3SOHLeAFHCr3+EzARLzPUCv7mhjS6k6KP3ZcnqnkYSnfQSpH0YVppR4lojo
h6wtob2ALMYw2vsfFoX90b4n5Zq+SWqsswA2oYBtCjqSe7GMGVVig0Y25CStHUAr
+2U9iTi2vAIWXDBzEzVEu+/5XT7JZ3TfPtzpltbn7QKBgFYek26hXTMbXyCLpvWl
DPzBMczGPkeDYxMZ86N6prZTGUFXEVi2M0NDkG+57k9eoDE2LJHvu0wy+Jf2wjij
fjzJuLSmbKyPErcmPvCiqREehmYxgN9nXyO7Se5eFJQhOH0GfjIU1vmPgaerVkIt
TxghZlxQoS6KOHDDJJ0cJe9z
-----END PRIVATE KEY-----
27 changes: 27 additions & 0 deletions certs/jazzband.local+5.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEoDCCAwigAwIBAgIQPY9cM9cb8M+6laSObCs7OTANBgkqhkiG9w0BAQsFADCB
hTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMS0wKwYDVQQLDCRqZXpk
ZXpASGFsLmZyaXR6LmJveCAoSmFubmlzIExlaWRlbCkxNDAyBgNVBAMMK21rY2Vy
dCBqZXpkZXpASGFsLmZyaXR6LmJveCAoSmFubmlzIExlaWRlbCkwHhcNMTkwNjAx
MDAwMDAwWhcNMzAxMDAzMTAzMDAwWjBYMScwJQYDVQQKEx5ta2NlcnQgZGV2ZWxv
cG1lbnQgY2VydGlmaWNhdGUxLTArBgNVBAsMJGplemRlekBIYWwuZnJpdHouYm94
IChKYW5uaXMgTGVpZGVsKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANS/Gg9Df/UO+LfQSbZMGHTE00tki6CiKNmLxfsu+ERRKb4hpiXHQo6v/IhoR5wv
ygejQRuG8oAskx9N7FKc3EwE0VDszB2GbyRLPlynMSPsz25ZcIJvv+x28w0FymqF
5WiuwfqbaliQdGXX7GPyq3W5UeFgOzzd3ZVK7wivkHBS74W2O2+iu7Yf2w7jqrmq
33PB4dByzBsMlU7xvxATLiO4/DdO0xKep0kK4e8KB/oRJHz6gIBZSYn+PSQD2gg8
EABV9Y3qQJyy/608zp2umemaH0HG82Iyh2tiOi1PU3Asl2YHODX4R+QNRHFFCfCK
+iDEVRg9N3SnjBY52/mr0e0CAwEAAaOBtzCBtDAOBgNVHQ8BAf8EBAMCBaAwEwYD
VR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRHjpaR
1Yor4M8abw1xhRJKAlHy3zBeBgNVHREEVzBVgg5qYXp6YmFuZC5sb2NhbIIQKi5q
YXp6YmFuZC5sb2NhbIIOamF6emJhbmQubG9jYWyCCWxvY2FsaG9zdIcEfwAAAYcQ
AAAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQsFAAOCAYEAczZ7j7AvcnMI52wK
4bfA220hAVuUxJZkirAukKYYGTdpEs3LTIjx9e9+1Ydm/xqzKCf4Tuzx/UFSNGyT
ukwM3OYS2qhOMyHNZwG4AdRBqkp7Nk5OXXhjw/7r2bh/f3nZODgJjBshEZzGs+ye
fsCz3RJWcOFy/9PmDW9x/QLHybVgsGOSXexaVQj9JjO/GK6lTxRKq9Ogtd+p/ax9
olDAHP0L/YDn3ksrhlZghyhPMRuThUV4+jfcwYTQkERVnsqodiyOgaSIXg535av5
R6jIeIrLlzUjwVLls3W9r+bIAUfmJ2duJLL+2DP30rW2qY3JZDwVJYrd5wnL148I
wcT6VCvAcGjOrO2gl81DD+J/ClRKE8IQ31VwROJIa3/LMH3YTw2xbYoWuWztVOPE
nxG2x0QBrJ2jlqO5BBg4VjGMdWN6fekChAZyK2vShHzJqi7njJgwzbHjQI1zeJUB
egtXPWFg3gTR47REx+/fj5wA27H54ZTVoiMu+Xz1HBS16H1Y
-----END CERTIFICATE-----

0 comments on commit 5a1c470

Please sign in to comment.