From ef85c29f0b465a237f2d2ecc0780339fd345ca0e Mon Sep 17 00:00:00 2001 From: etienne Date: Wed, 14 Feb 2024 20:44:00 +0100 Subject: [PATCH 1/4] Add NEXT_PUBLIC_BASE_URL to inventory.ini --- .github/workflows/aws.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml index f6f4b26..b9f03d2 100644 --- a/.github/workflows/aws.yml +++ b/.github/workflows/aws.yml @@ -56,6 +56,7 @@ jobs: python3 -m pip install docker ansible-galaxy collection install community.docker echo "[all]" > inventory.ini + echo ${{ secrets.NEXT_PUBLIC_BASE_URL }} echo "my_instance ansible_host=${{secrets.ip_address}} ansible_user=hibo ansible_ssh_private_key_file=./private_key" >> inventory.ini ansible-playbook -i inventory.ini playbook.yml --extra-vars "MONGO_INITDB_ROOT_USERNAME=${{ secrets.MONGO_INITDB_ROOT_USERNAME }} MONGO_INITDB_ROOT_PASSWORD=${{ secrets.MONGO_INITDB_ROOT_PASSWORD }} MONGO_INITDB_DATABASE=${{ secrets.MONGO_INITDB_DATABASE }} MONGODB_USER=${{ secrets.MONGODB_USER }} MONGODB_USER_PASSWORD=${{ secrets.MONGODB_USER_PASSWORD }} SITE_ADDRESS=${{secrets.ip_address}} ORIGIN_URL=${{ secrets.ORIGIN_URL }} NEXT_PUBLIC_BASE_URL=${{ secrets.NEXT_PUBLIC_BASE_URL }} PORT=${{ secrets.PORT }} DEBUG=${{ secrets.DEBUG }} JWT_SECRET=${{ secrets.JWT_SECRET }}" env: From f7d88ab52d5266bae6dc4cb7cd04dade07b33ee6 Mon Sep 17 00:00:00 2001 From: etienne Date: Wed, 14 Feb 2024 20:50:05 +0100 Subject: [PATCH 2/4] Update NEXT_PUBLIC_BASE_URL in playbook.yml --- .github/workflows/aws.yml | 1 - playbook.yml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml index b9f03d2..f6f4b26 100644 --- a/.github/workflows/aws.yml +++ b/.github/workflows/aws.yml @@ -56,7 +56,6 @@ jobs: python3 -m pip install docker ansible-galaxy collection install community.docker echo "[all]" > inventory.ini - echo ${{ secrets.NEXT_PUBLIC_BASE_URL }} echo "my_instance ansible_host=${{secrets.ip_address}} ansible_user=hibo ansible_ssh_private_key_file=./private_key" >> inventory.ini ansible-playbook -i inventory.ini playbook.yml --extra-vars "MONGO_INITDB_ROOT_USERNAME=${{ secrets.MONGO_INITDB_ROOT_USERNAME }} MONGO_INITDB_ROOT_PASSWORD=${{ secrets.MONGO_INITDB_ROOT_PASSWORD }} MONGO_INITDB_DATABASE=${{ secrets.MONGO_INITDB_DATABASE }} MONGODB_USER=${{ secrets.MONGODB_USER }} MONGODB_USER_PASSWORD=${{ secrets.MONGODB_USER_PASSWORD }} SITE_ADDRESS=${{secrets.ip_address}} ORIGIN_URL=${{ secrets.ORIGIN_URL }} NEXT_PUBLIC_BASE_URL=${{ secrets.NEXT_PUBLIC_BASE_URL }} PORT=${{ secrets.PORT }} DEBUG=${{ secrets.DEBUG }} JWT_SECRET=${{ secrets.JWT_SECRET }}" env: diff --git a/playbook.yml b/playbook.yml index d780e0b..0fe17f3 100644 --- a/playbook.yml +++ b/playbook.yml @@ -123,7 +123,7 @@ MONGODB_USER={{ MONGODB_USER }} MONGODB_USER_PASSWORD={{ MONGODB_USER_PASSWORD }} SITE_ADDRESS={{ SITE_ADDRESS }} - NEXT_PUBLIC_BASE_URL=http://{{ SITE_ADDRESS }}:{{ PORT }}/ + NEXT_PUBLIC_BASE_URL={{ NEXT_PUBLIC_BASE_URL }} PORT={{ PORT }} DEBUG={{ DEBUG }} ORIGIN_URL={{ ORIGIN_URL }} From 7584672401ad570aac43ff0c56ec03e46430f68a Mon Sep 17 00:00:00 2001 From: etienne Date: Wed, 14 Feb 2024 21:06:53 +0100 Subject: [PATCH 3/4] Update SSL certificate paths --- backend/src/cert/kurama.cert | 59 ++++++++++++++++++++++++++++++++++++ backend/src/cert/kurama.key | 27 +++++++++++++++++ backend/src/routes/socket.ts | 6 ++-- 3 files changed, 89 insertions(+), 3 deletions(-) create mode 100644 backend/src/cert/kurama.cert create mode 100644 backend/src/cert/kurama.key diff --git a/backend/src/cert/kurama.cert b/backend/src/cert/kurama.cert new file mode 100644 index 0000000..cdab5d4 --- /dev/null +++ b/backend/src/cert/kurama.cert @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIE/DCCA+SgAwIBAgISAxUCowQKpVSiSz5FacanaHi1MA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yNDAyMTQxMTQ5MjZaFw0yNDA1MTQxMTQ5MjVaMBoxGDAWBgNVBAMT +D2t1cmFtYS1jaGF0Lnh5ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AMrws5y2RrmtFJl4lYbnr6kZMguK8bYlG/M3sVTqflyEDAupVBg3nMF/AtPh1x4D +n5FiFztfBIRV8ES6qc7ulmmRBPW0Mtj0zvnMTm6Yt+m3JDJSzbSPKJbWdiLmSYSa +/B+ev96WFdDBsGYwuMEi8O9s79/gOmlorgslJA5cGMud6R6Ne/qJ7YTlQWUEOHGS +nPdUrP3IzMGKQ14RyOI0v3tj8Kn7gi8LsFrL9hlpXDBjZwIs04HTRL6ULcpPvFGO +BLzTvsQJ7VWdqSMt/nbPOqf4+Qaj9Zk/TwfnGGMgMx5bzNH+GhnInG6w7qASsm0W +scWAm/2rxEOxFxDhnw+F3sMCAwEAAaOCAiIwggIeMA4GA1UdDwEB/wQEAwIFoDAd +BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV +HQ4EFgQUtq+mDZ24tr14unS/3aHU1Tn6kbQwHwYDVR0jBBgwFoAUFC6zF7dYVsuu +UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v +cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y +Zy8wLQYDVR0RBCYwJIIRKi5rdXJhbWEtY2hhdC54eXqCD2t1cmFtYS1jaGF0Lnh5 +ejATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1 +ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjaeqNdUAAAQDAEYw +RAIgVniTZ7MEkBYNkXI9XIZiedRJCMe2C1kecD9sUZrcmRwCIBCVe0cD6g1OQQKU +eLQLrkNPv5V5Vq+tmS24HLdpR2MjAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhC +Cp/mZ0xaOnQAAAGNp6o2HgAABAMARjBEAiAmEO6ojrn3a9CM4Yji6TWw+0/n/6Gf +NzEC5uF1GbulMAIgIPp7dvG+bkrU74UdMfJJr8JWIDtAJLDXnZx6rwm6rOwwDQYJ +KoZIhvcNAQELBQADggEBAJSWH0F1OjaKJdoFsmirTH7JKRglToqIFgVGWE/CQ0WV +MBeJl37VINHbC5XJoJGXp18BtZqTSw4ffqLlQ8Vzgr+knSgxb90GE1vJbpDjQKih +XgKQIVYvNReRZT1dIYHqJpSBRrpXbFBQNV7NnHHl3nMPPSi1l5u9P4Em7gec0H6p +KmlmJbWAKbB3A/SRtwklKvPTFln68jwwC02N7Pg1azRt7tA0mCDJVDcpzc2/JbfU +ECnHOqVjofKZ1cwHne5K5POo8ckehMvV4yjZwdYIz2rwHfKRYdW95f+eSYilW/2z +SCv/4WVT1boVSpJc5JvDhZglNcTHWd0AQ+P6PoBh+D4= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- diff --git a/backend/src/cert/kurama.key b/backend/src/cert/kurama.key new file mode 100644 index 0000000..19f2f6c --- /dev/null +++ b/backend/src/cert/kurama.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyvCznLZGua0UmXiVhuevqRkyC4rxtiUb8zexVOp+XIQMC6lU +GDecwX8C0+HXHgOfkWIXO18EhFXwRLqpzu6WaZEE9bQy2PTO+cxObpi36bckMlLN +tI8oltZ2IuZJhJr8H56/3pYV0MGwZjC4wSLw72zv3+A6aWiuCyUkDlwYy53pHo17 ++onthOVBZQQ4cZKc91Ss/cjMwYpDXhHI4jS/e2PwqfuCLwuwWsv2GWlcMGNnAizT +gdNEvpQtyk+8UY4EvNO+xAntVZ2pIy3+ds86p/j5BqP1mT9PB+cYYyAzHlvM0f4a +GcicbrDuoBKybRaxxYCb/avEQ7EXEOGfD4XewwIDAQABAoIBAADOddoMP2SYLGE6 +bB2zWnPNIyo4lAY38xcnBCyBU9ZWuqrb3PcGVuLqadshQqGXdaZvJVwLfJ9UrW7f +mbJ9RZLc78j/hI0Z8xGCLXS6K/nSr5vqsv2wQi161ZgFBdI3TwPb0hdhP4iAZzeA +v2XhiTjqXCKRZ8Z3BOvS3KDubMOwmkJBem8SBJ7yDOKdmJNNQZngNlAWL+IDG8s0 +9ZDZXfY8ksbTy8GNldPuqxa0Z+73O/hVFyryhAOuUsiTpktf/XuCS+lXBY2+Npp2 +HTFuiVBwZucMrjmwrwudkNBXPxhglsJlkT14hJn0U5GBHdoCjSo09aYLa2pXPdlA +Q200aAECgYEA8UygwJQ9nSGLttAH+Q2lKlxNRwRxWANQrfVdPEs4BiThab6/A9uz +nDW+zWVqIXyC9LdBh4F1A2Ec4+6kNETLVrvjOoeUpTGl5A/cyR09hTln/6o1Bn+z ++XKZhlHnnJwG6TTduATh4x00bIkrHfaJs9BaIonSv7u8ETCWH3wDyIECgYEA103Q +iC8/Eyd+10BqsdbEzlNZV7Njt9Lf/+lGkxzXcvTITWfVefEK7RVGChV6A9bFGLm2 +fcQsmaLQK3w6LwP2Qpdvxo8zF8Vl9HeG2E7p4GClt39a5VfG5ePGKKhQu5M+JbP1 +fazyqqfyRjABjQVx2BRDcwE20W+Aocmvvzmt5UMCgYEA2RdJ4Tj9neraWiUbpzRh +jpTwaZ5Tow2Ifpmrwl0iEFUKACs+i2gUVcv816oQLARrhWOCLzmHXvz2ExNW5Deo +gWYU70mfsGfUijTDPKVz/fJB4MDvZ+NotlomSbRSnpG5ngKUH8U0vTI/Qg6+nfx6 +sy4WidBZrWpnr0d5KOZYOQECgYATseeQfZnse6FruVXJPNc19IPotN07VIvvEfzF +uk6vEls8UXJCvFz+gQKuK3bE4SGYeGyMJqTZzP3z7GI6KMefIdE0vaaz1vfTnBd2 +tAlK4Cxok7rR3eyw3Nwknfj8n6SAuGyNeYOdPs23w+5wYv4eAQSGgabtE6EVq6hq ++rDAlwKBgQDnoNRDL7uHBiCfQ88DWtcrCL1ALsDqVW3M7XEnu6H4B6CcH0xVEMfn +XRE5+N9vSarhfoNM55JO/GV7ogjxOcBdlRjFzTADzPSquYz40jekHttZsv1Foxjh +zQMcjx8jTQxDHyzVmXdUcACGDwzI62ZVwlsl0MWb4raU5lVECt1NrA== +-----END RSA PRIVATE KEY----- diff --git a/backend/src/routes/socket.ts b/backend/src/routes/socket.ts index c6db0a0..627c53c 100644 --- a/backend/src/routes/socket.ts +++ b/backend/src/routes/socket.ts @@ -15,11 +15,11 @@ app.use(cors()); dotenv.config(); const options = { - key: fs.readFileSync("/acme/live/kurama-chat.xyz/privkey.pem"), - cert: fs.readFileSync("/acme/live/kurama-chat.xyz/fullchain.pem"), + key: fs.readFileSync("../cert/kurama.key"), + cert: fs.readFileSync("../cert/kurama.cert"), }; -export const server = https.createServer(app); +export const server = https.createServer(options, app); const io = new Server(server, { cors: { From d6e3bf6f4a5317a9fd1cac64917066dd353178ca Mon Sep 17 00:00:00 2001 From: etienne Date: Wed, 14 Feb 2024 21:16:49 +0100 Subject: [PATCH 4/4] Add SSL certificate bypass for socket connection --- frontend/src/contexts/SocketContext.tsx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/frontend/src/contexts/SocketContext.tsx b/frontend/src/contexts/SocketContext.tsx index bb9d530..20b9be6 100644 --- a/frontend/src/contexts/SocketContext.tsx +++ b/frontend/src/contexts/SocketContext.tsx @@ -43,7 +43,9 @@ export default function SocketProvider({ return; } if (!socket) { - let socket = socketIO.connect(process.env.NEXT_PUBLIC_BASE_URL!); + let socket = socketIO.connect(process.env.NEXT_PUBLIC_BASE_URL!, { + rejectUnauthorized: false, // Ajoutez cette ligne si vous utilisez un certificat SSL auto-signé + }); socket.on("receive_message", (data: IMessage) => { setMessages((prev) => { const newMessages = { ...prev };