diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..51c48909d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,28 @@ +FROM alpine:3.16 +MAINTAINER Jeffrey I. Schiller + +RUN apk --update add tzdata nginx logrotate + +RUN cp -p /usr/share/zoneinfo/America/New_York /etc/localtime +RUN echo "America/New_York" >/etc/timezone + +ADD iot.conf /etc/nginx/http.d/iot.conf +ADD start /etc/start +ADD logger /etc/logger +RUN chmod 755 /etc/start && chmod 755 /etc/logger + +RUN mkdir -p /run/nginx +ADD logrotate.nginx /etc/logrotate.d/nginx +RUN mv /etc/periodic/daily/logrotate /etc/periodic/hourly/logrotate && chmod 644 /etc/logrotate.d/nginx +# ADD jis.pem /etc/jis.pem +# ADD passwd /etc/nginx/passwd +ADD docs/build /var/www +ADD docs/src/www/blocks /var/www/blocks +ADD docs/src/www/assets /var/www/assets +ADD ssl /etc/nginx/ssl + + +CMD /etc/start + + + diff --git a/docs/src/www/css/main.css b/docs/src/www/css/main.css index da92a509f..95ff46944 100644 --- a/docs/src/www/css/main.css +++ b/docs/src/www/css/main.css @@ -21,6 +21,7 @@ a:hover { html { font-family: 'San Francisco', 'Roboto', sans-serif; -webkit-font-smoothing: antialiased; + font-weight: 300; } body, h1, h2, h3, h4, h5, h6 { diff --git a/iot.conf b/iot.conf new file mode 100644 index 000000000..4d8ad262e --- /dev/null +++ b/iot.conf @@ -0,0 +1,37 @@ +server { + listen 80; + server_name iot.appinventor.mit.edu jis.qyv.net; + root /var/www; + # client_max_body_size 50M; + + location /.well-known { + root /tmp/well; + } + + location / { + return 301 https://$host$request_uri; + } + +} + +server { + listen 443 ssl; + server_name iot.appinventor.mit.edu jis.qyv.net; + ssl_certificate /etc/nginx/ssl/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + root /var/www; + + # client_max_body_size 50M; + + location / { + try_files $uri $uri/ =404; + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + } + + location /.well-known { + root /tmp/well; + } +} diff --git a/logger b/logger new file mode 100644 index 000000000..13f47935d --- /dev/null +++ b/logger @@ -0,0 +1,2 @@ +#!/bin/sh + diff --git a/logrotate.nginx b/logrotate.nginx new file mode 100644 index 000000000..30885162a --- /dev/null +++ b/logrotate.nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*.log { + missingok + hourly + nodateext + rotate 2 + sharedscripts + size 1G + postrotate + /bin/kill -USR1 `cat /run/nginx/nginx.pid` + endscript + nocompress +} + diff --git a/ssl/fullchain.pem b/ssl/fullchain.pem new file mode 100644 index 000000000..7b49fd667 --- /dev/null +++ b/ssl/fullchain.pem @@ -0,0 +1,91 @@ +-----BEGIN CERTIFICATE----- +MIIFNTCCBB2gAwIBAgISA0lQeqI2rhM9W9JKG0eKA1nJMA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yMjExMjMyMzE1MzhaFw0yMzAyMjEyMzE1MzdaMCIxIDAeBgNVBAMT +F2lvdC5hcHBpbnZlbnRvci5taXQuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAyDTU4LgtfSalpgjXUlQp3/R+x4R7RLb6h/AIfHgwhwu8jeNg2z0F +7eld9uNV0f/mNYz3wYakCgPIRL5jKzXEKe2vt9dmWs+g1TBZXid4jNnHuoAUODgk +iYJwsonPLat5MQ9MF8DHY+81U2ChdI2ro+nnQDW22dDZXie1BM8dDXu6SEcvXEkG +lxZIDPwf3vdeok3Oq+nYZiPkJms+Jz5F1z/phu1yUWxpSZoGNmmRaZjbzTUnVvEm +P5DmkBfgbftCIAkw2LHrmXx5N1LGT+1miQTva7ObFr4hjRtvVnc/gIqTudQ4GgGv +atrDoVx0uO6T9HOZl5BcchnAgZIQYfg8mwIDAQABo4ICUzCCAk8wDgYDVR0PAQH/ +BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E +AjAAMB0GA1UdDgQWBBT4j2x6itvh7N5Z3sKu4Yy/SVXVHDAfBgNVHSMEGDAWgBQU +LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG +FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku +bGVuY3Iub3JnLzAiBgNVHREEGzAZghdpb3QuYXBwaW52ZW50b3IubWl0LmVkdTBM +BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB +FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYE +gfMA8QB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhKb9c9UA +AAQDAEcwRQIhAJasqUwrGpdsPLVtCWCU8yqFnPmYCIpz3Z6z96EMjCboAiBxjOK8 +doI0ng6BPP6b4fcd6zQ8pOu1QZS2jkxeN4jDNAB3AOg+0No+9QY1MudXKLyJa8kD +08vREWvs62nhd31tBr1uAAABhKb9dawAAAQDAEgwRgIhAMRJhgYuFLSsfkBWrIh9 +NVh7Sn4Yfc88IyOZv46XMz9rAiEA7v8drZPQ382ZQHoihfNIP67g0WwvMUQkQmrR +yjnJhEIwDQYJKoZIhvcNAQELBQADggEBAFhvMKPVdhURY33HPs6jNeoSDIRJrz3x +tqWxYh+AXblA2caFixeaBhLD/WYHvm1Af9xLJVdW6LRw6hE9EHs2Y6u4EUi3Rs/c +Hv5ifnCS8p12508fEcanxLoEfg2QYhLHxVewFFnjvEjewRvZ4UZToYYrtw8VwDcS +0z01RH7PhmEapJze4qSdu4/egGSO2IuX3icovLSIJeqqgdaLUK0D//0wnstWrxJZ +trF863XAdD4m+pyPu7h6zbEEjiszF6eDzzzhNCt4b89CVmTOTp0RvIYG1dQVTyEA +idfpQcKoJTlL6+jbBuYMqhSxeVN88Il35B0RRgn+ciYP7m3NPnrZyBg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC +ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL +wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D +LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK +4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 +bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y +sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ +Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 +FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc +SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql +PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND +TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw +SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 +c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx ++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB +ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu +b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E +U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu +MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC +5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW +9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG +WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O +he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC +Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 +-----END CERTIFICATE----- diff --git a/ssl/privkey.pem b/ssl/privkey.pem new file mode 100644 index 000000000..4cc2ebf2e --- /dev/null +++ b/ssl/privkey.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDINNTguC19JqWm +CNdSVCnf9H7HhHtEtvqH8Ah8eDCHC7yN42DbPQXt6V3241XR/+Y1jPfBhqQKA8hE +vmMrNcQp7a+312Zaz6DVMFleJ3iM2ce6gBQ4OCSJgnCyic8tq3kxD0wXwMdj7zVT +YKF0jauj6edANbbZ0NleJ7UEzx0Ne7pIRy9cSQaXFkgM/B/e916iTc6r6dhmI+Qm +az4nPkXXP+mG7XJRbGlJmgY2aZFpmNvNNSdW8SY/kOaQF+Bt+0IgCTDYseuZfHk3 +UsZP7WaJBO9rs5sWviGNG29Wdz+AipO51DgaAa9q2sOhXHS47pP0c5mXkFxyGcCB +khBh+DybAgMBAAECggEASY87zittr0eVYmlqL9oznpE3SbhwEEHI0EyN2anRbrUN +vPZX3oXP2We+uhkyLZv/6hoW5/i/6dwU58kqJ7S0FBG8V+hhN6mE9v+yPklzXhEg +dPJdO4DJT+ro3HiM8kNIHpH3y9xthlbcOXvOJsRs1ad565owylwVmaYuOQueKZbv +WR1pO2CPyDYUmSP0KVSmvRT9ANMX27ctY33Gx2yqiLKslXV02PMoV3utyJfGTRMy +hhdvv1f0LH4Yb8MQDWfeAkBaybcZSyFs2PnHew1/pgnlfEtxLxkaMG1mjkqUT1nk +ae2N5Qrtn2X4M1QClNqWq501YHG9+XeMuC/921ioyQKBgQDqBAccAtMP9ln4u99p +dbMsFKspGLu7WlH8EwycX/zAq7oeHqkDHgogI+TvzrWnqrs65E0D/8LFVWJPbE0y +UKv/sx+D/Wz88qkrSuhzLMyIDEE9M3bcsy8F/ueE0974w78wtvkX9EXmwq5X5ZUp +eBxhjl4E4DJ61B6dFCo/PqI1MwKBgQDbA7Q5zj/dEoESy4Lw/MpWzHhZQPSZxsCa +TghA/Mvnp+iMDvJfTWjfxwoWpDNPlJxuHW6QViXUqPHOSr7P5XEzh46BOsiOB9XG +xFVazIkTkIGuD40udbxaHwoWOCQvZDzXwG+yWEGNYhRS15UzFCgT1MkaixiaMrhV +bK+H6meK+QKBgGV7Aao//084waN/tU6CYASJof/cXezNKihqCln1tiHHVpqhKSHU +8QcnCayEs3nWLANJ5awKSWhRsqRGjuN24F+uSchvKcg3Yu0HOu5XSwrkZZYory7d +9VJgS/3p8xNlr49siXC92WJMolYzlQ+6qnQTzOnIX5usSOpNSFTM0ILJAoGAB2wX +toHL3kUbRLTK6jnW7ZweVAAEihWXP2N3miQ3ENG66swy4JHyBOts5xmHd6H0rzKm +JZQV0iArma8kykzfSjzE0pJYa5/OWd8beWlHF/ekvW5ffXyV9oPoxpn+d/Cwsysd +XfDpv83cHHab4tBDD3D9o72lBszDPHnjdPq3qZkCgYEAxk5zSbO2OGPJnC7DFpJ8 +xURbNhIMLTW6hofKg2dXgXYuHcfMplL2Cjaj2yUV7ceX5xsVcKZceKqdjVuwkLp4 +mNS7YSYuLa3b9Qwx2RA9BvfPFj9mqjB6d4YmUxBnqmheo5EJ/pLHRvg0bnvXYoD9 +a1gL/bNBTz/GGQgI9S/XfkU= +-----END PRIVATE KEY----- diff --git a/start b/start new file mode 100644 index 000000000..b27f33ed0 --- /dev/null +++ b/start @@ -0,0 +1,5 @@ +#!/bin/sh +crond +nginx -g 'daemon off;' + +