
Добавлен ssl сертификат

Denis V. Dedkov 2 năm trước cách đây
mục cha
commit
550a7516bb
3 tập tin đã thay đổi với 13 bổ sung3 xóa
  1. 1 1
      Dockerfile
  2. 10 2
      beerlog-srv.py
  3. 2 0
      docker-compose.yml

+ 1 - 1
Dockerfile

@@ -7,7 +7,7 @@ COPY beerlog-srv.py .
 COPY routes.py .
 COPY storage.py .
 
-ARG BEERLOG_PORT
+ARG BEERLOG_PORT BEERLOG_HOST
 ENV BEERLOG_PORT $BEERLOG_PORT
 EXPOSE $BEERLOG_PORT
 CMD ["python", "./beerlog-srv.py"]
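Review bot: `BEERLOG_HOST` is declared as a build argument on the changed `ARG` line but, within the visible lines, it is never copied into the image environment the way `BEERLOG_PORT` is. A value passed at build time will therefore not reach `os.environ` in the running server, and the listen address falls back to the server's default of all interfaces. If the argument is meant to control the bind address, add `ENV BEERLOG_HOST $BEERLOG_HOST` next to the existing `ENV` line. Older Dockerfile builders may also reject two names in one `ARG` instruction, so separate `ARG BEERLOG_PORT` and `ARG BEERLOG_HOST` lines are the portable form.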

+ 10 - 2
beerlog-srv.py

@@ -2,6 +2,7 @@
 
 import asyncio
 import websockets
+import ssl
 import json
 import sys
 import os
@@ -10,7 +11,6 @@ from routes import Routes
 
 routes = Routes()
 
-
 class UserInfoProtocol(websockets.BasicAuthWebSocketServerProtocol):
     async def check_credentials(self, username, password):
         all_users = routes.users()
@@ -32,10 +32,18 @@ async def handle(websocket):
 
 
 async def main():
+    ssl_context = None
+    pem = "/cert/live/beerlog.ddns.net/fullchain.pem"
+    key = "/cert/live/beerlog.ddns.net/privkey.pem"
+    if os.path.exists(pem):
+        print(f"Start with {pem}", file=sys.stderr)
+        ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+        ssl_context.load_cert_chain(pem, keyfile=key)
+
     port = os.environ.get("BEERLOG_PORT", 8000)
     host = os.environ.get("BEERLOG_HOST", "0.0.0.0")
     print(f"Start on {host}:{port}", file=sys.stderr)
-    async with websockets.serve(handle, host, port, create_protocol=UserInfoProtocol):
+    async with websockets.serve(handle, host, port, ssl=ssl_context, create_protocol=UserInfoProtocol):
         await asyncio.Future()
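Review bot: When the certificate file is absent, `main()` leaves `ssl_context` as `None` and the server starts in plaintext with no log line saying so, while `UserInfoProtocol` authenticates with HTTP Basic credentials. A missing or mis-mounted `/cert` volume would therefore silently downgrade the service to `ws://` and send usernames and passwords unencrypted. Consider failing closed with `else: sys.exit(f"TLS certificate {pem} not found")`, or at least log the plaintext fallback and make it an explicit opt-in for development. The context is also loaded only once at startup, so a renewed certificate is not served until the process restarts.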
 
 

+ 2 - 0
docker-compose.yml

@@ -11,6 +11,7 @@ services:
             network: host
         volumes:
             - ./storage-dev:/storage/
+            - /etc/letsencrypt/:/cert/
         ports:
             - 8000:8000
     beerlog-srv-prod:
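Review bot: The added volume `/etc/letsencrypt/:/cert/` is mounted read-write and hands the container the whole Let's Encrypt directory, although the server only reads one certificate chain and its key. A compromise of the websocket process could then read or overwrite every private key stored there, which on a typical certbot layout includes keys for other hostnames and the ACME account key. Mount it read-only, `- /etc/letsencrypt/:/cert/:ro`. The same applies to the identical line added in the `beerlog-srv-prod` hunk below. The service in this first hunk appears to be the development one (it mounts `./storage-dev`), so consider whether it needs the production key at all.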
@@ -23,6 +24,7 @@ services:
             network: host
         volumes:
             - ./storage-prod:/storage/
+            - /etc/letsencrypt/:/cert/
         ports:
             - 8080:8080