From d0f6a04b3f60e4b990351ab3ba94061b028b6bb7 Mon Sep 17 00:00:00 2001 From: Miguel Veloso Date: Mon, 28 Sep 2020 23:35:30 +0100 Subject: [PATCH] Final working version (docker-compose) --- deploy/certificates/.gitignore | 4 +++ deploy/certificates/README.md | 34 ++++++++++++++++++ .../certificates/create-docker-certificate.sh | 4 +-- deploy/certificates/import-certificate.ps1 | 8 ----- .../install-docker-certificate.ps1 | 17 +++++++++ .../media/root-ca-import-warning.png | Bin 15699 -> 0 bytes src/.gitignore | 1 + .../Web.Bff.Shopping/aggregator/Dockerfile | 4 ++- .../Identity.API/Configuration/Config.cs | 2 +- src/Web/WebMVC/Dockerfile | 4 ++- src/docker-compose.certificates.sample.yaml | 12 +++---- src/docker-compose.override.yml | 8 ++--- 12 files changed, 75 insertions(+), 23 deletions(-) create mode 100644 deploy/certificates/.gitignore create mode 100644 deploy/certificates/README.md delete mode 100644 deploy/certificates/import-certificate.ps1 create mode 100644 deploy/certificates/install-docker-certificate.ps1 delete mode 100644 deploy/certificates/media/root-ca-import-warning.png create mode 100644 src/.gitignore diff --git a/deploy/certificates/.gitignore b/deploy/certificates/.gitignore new file mode 100644 index 000000000..bddb2cc22 --- /dev/null +++ b/deploy/certificates/.gitignore @@ -0,0 +1,4 @@ +*.key +*.pem +*.pfx +*.txt diff --git a/deploy/certificates/README.md b/deploy/certificates/README.md new file mode 100644 index 000000000..44416bb0c --- /dev/null +++ b/deploy/certificates/README.md @@ -0,0 +1,34 @@ +# Dev certificates for Docker + +1. Create a self-signed certificate +2. Install certificates +3. Configure the services + +## 1 - Create the self-signed certificate (`.pem + .key`) and its `.pfx` file + +**From WSL**, run the `create-docker-certificate.sh` script with a strong password for the certificate. + +```bash +./create-docker-certificate.sh "secure-COMPLEX-and-SECRET-password" +``` + +The script creates a certificate for both `host.docker.internal` and `localhost`. + +### 2 - Install the certificates + +Run the `install-docker-certificate.ps1` with the same password you used above: + +```powershell +.\install-docker-certificate.ps1 "secure-COMPLEX-and-SECRET-password" +``` + +The above script: + +1. Imports the certificate in the current user root CA store. +2. Copies the certificate files to the `%USERPROFILE%\.aspnet\https` folder. Servers will serve the certificate from this folder. +3. Copies the `.pem` file as `.crt` to the src\certificates folder to add it as a root CA when building the images for some services. + +### 3 - Configure some services to serve the certificates + +1. Copy the `src\docker-compose.certificates.sample.yaml` file as `src\docker-compose.certificates.yaml` +2. Configure the password you assigned to the certificates in the settings `ASPNETCORE_Kestrel__Certificates__Default__Password` diff --git a/deploy/certificates/create-docker-certificate.sh b/deploy/certificates/create-docker-certificate.sh index f29edc1ce..93cf93239 100644 --- a/deploy/certificates/create-docker-certificate.sh +++ b/deploy/certificates/create-docker-certificate.sh @@ -5,10 +5,10 @@ openssl req \ -out docker-self-signed.pem \ -keyout docker-self-signed.key \ -newkey rsa:2048 -nodes -sha256 \ - -subj '/CN=localhost' \ + -subj '/CN=host.docker.internal' \ -extensions EXT \ -config <( \ - printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName='DNS.1:localhost,DNS.2:host.docker.internal'\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") + printf "[dn]\nCN=host.docker.internal\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName='DNS.1:host.docker.internal,DNS.2:localhost'\nkeyUsage=digitalSignature,keyCertSign\nextendedKeyUsage=serverAuth") echo "printing text version..." openssl x509 -in docker-self-signed.pem -text -noout > docker-self-signed.txt diff --git a/deploy/certificates/import-certificate.ps1 b/deploy/certificates/import-certificate.ps1 deleted file mode 100644 index c9f1a5013..000000000 --- a/deploy/certificates/import-certificate.ps1 +++ /dev/null @@ -1,8 +0,0 @@ -param ( - [Parameter(Mandatory = $true)] - [string]$Password -) - -$CertPassword = ConvertTo-SecureString -String "$Password" -Force -AsPlainText - -Import-PfxCertificate -Exportable -FilePath .\docker-self-signed.pfx -CertStoreLocation Cert:\CurrentUser\Root\ -Password $CertPassword diff --git a/deploy/certificates/install-docker-certificate.ps1 b/deploy/certificates/install-docker-certificate.ps1 new file mode 100644 index 000000000..64960fff2 --- /dev/null +++ b/deploy/certificates/install-docker-certificate.ps1 @@ -0,0 +1,17 @@ +param ( + [Parameter(Mandatory = $true)] + [string]$Password +) + +# Import into current user root CA store +$CertPassword = ConvertTo-SecureString -String "$Password" -Force -AsPlainText +Import-PfxCertificate -Exportable -FilePath .\docker-self-signed.pfx -CertStoreLocation Cert:\CurrentUser\Root\ -Password $CertPassword + +# Copy to user profile to use as HTTPS certificate in server containers +mkdir $env:USERPROFILE\.aspnet\https -Force +Copy-Item docker-self-signed.pem $env:USERPROFILE\.aspnet\https -Force +Copy-Item docker-self-signed.key $env:USERPROFILE\.aspnet\https -Force +Copy-Item docker-self-signed.pfx $env:USERPROFILE\.aspnet\https -Force + +# Copy to src folder to register as a root CA in client containers +Copy-Item docker-self-signed.pem ..\..\src\certificates -Force diff --git a/deploy/certificates/media/root-ca-import-warning.png b/deploy/certificates/media/root-ca-import-warning.png deleted file mode 100644 index 23fc2140b7bd6dd09236e66e6d9ca587b1e9e447..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15699 zcmc(GWmH^Ev}HpC3y`3}9RdUhZUKV3yE~1$dlDqLJB_=$O9*a_JB@4O?l7J2d-G=2 zygxH*&8+!xyVtF*+f~)or_MQh?-QaRCyt7Yj|>0+P$eZqlmGy@RM_Q>2oG!V@PL-W z-r$^+#DxGAV8VUa&1;~btRMhT9fk5}_y%^5WG|uV1OT9Q|GnV)?TSnQfUkR!B7!RJ zdPg8DYu&koRdoGWs-+m~1qY-4c!pRtlQgM=;#Ue5g_$}5p%Zi@IliBu`!vXiUyP9@ z3MAh96~9e!W&4zZ1rmD46A@^!=*WY~q1XeE>r193?{i6)6w<8o##=a}ud&vwS=l&n zEq~&9NN*o&-sN}qIN5nY5L^Zd%<6f8oMsnxtB;RAE zIW&H$a+{iITuJc*WW_Rp6pM>E^2Z4A^;jyU}u zhNtY573cVP5l)tzuSV6uZH;Z)UApMjx;&h2&~gGH4QJp>VZ&+-p$o+Q;j)*3_atoP z-gLi>?u>TarN4m}r$VpEGuKJl&hG_6bOPeJ3aS!pxrzD=ni3tMaed0Q2?P3alPu|? zZ$(U1g0z<(&pL>1uDtEfw>j<1r<`r)o3dLew6xl)NrQF`7NTQse9o(F!YW@Z^=S1O zlX4>nJi(djOCShDmxw+rjNVasY5_8Z$H2s}ut22J$V$h=G^GbU%rV{!(zDf*Q3K2^5PZ(PiB`5KX9xyUF9uVdk{7m}?B@1aicyB$icuI*7y5V3{F5 zDh@BNH=kDMHu2a-V=3ViLkHi+K?zb|)tx9-j*d5t+wnLp*> zNeQi^)FPOS9U*w5VRGTmdY1P+jTXgAV=9S!yDS!Rgk0aQib6;7UT)+>Xv7dcoe)rx zby(HCdH2Hwv1 z2qa`e`N8BaWTLyz#&TH+e`haugX3Yr+)+pc9#F@Hy=r|fT;OQ&xTUu~(UVJ`A^*XP zX1;$sU|(eN&ZLIsr0u@eYr#KZQ_! zn&hltmZJ?*^LW}azheSqNhW*AIL#F!(tj*x{*&dUgb zu`YKykwzayZ{GfBtA)4`!&QnC)ZVA8TkY3pzYb3gPo{hr2_U@q#S0&cnVES?NYZ;N zKWoUwDARbmmD=(Swr`kW`tPjqKU5CoZg(QP@5Q%O9`||dgfk7m7Tny-y_6)GC!R}Q50Vwv*I#|~zBioIV)n^0w$vB4Gdu{^ zcS*n33Zs1kkf`=~xHcLCr@j*4knVh~;Z%Sg)km@l2hd8!aR6@6SAHLS8fzE`zP~SJ z^;PE~x2uH%FvwX!tYL;~Q#U_K4FF8T{ii8@2mGh$lK!<^c(~(tfcJ>@K!E=@|G!oX z|NpzI(8cn?(9qB_%6qk7Dl#U6D6o^*I!*R$HS-R*c? zTy!!f4bwI92i-)-$eih=32@*Y`PJy}REP&f#Yep>b@no3%gjjqh)?M1LVXT0Hnw$PAUj@E6E2ViHT||UXVF!BOQB3z zhhLDPmUJl+1c5}Eia%jJziEm-`|n=p4{>0Zy z8-qps^Nr)5+yH;N!my_HghDH}DXb8+j(D72$*6JHfMrcqTaGc1*UeGmn48G1*U5d@ z!vomW`!cWLNB?#tlQL{HBef2!sMmM+9$Qg?4;tD1aFa!WZhvK@2c&_Y!o z#qj$?j~*Qn7Z)q5I)=wv{qAa}FeLt~3KlD+L3szo3j9~CLDbh~e9~v{DAPuUHl8J} zhuvj?@3hn7=e=#(L7vra)pI4}wSKz>Y;{)tXe?4(kor2>cPX!&(PH0gxVZJ%0e18j zs@AWy6QBDlvQciXn3jF!R#!0Ey{{p|C!H@HB`WAU$)#{Sq-aN>mFmPJ+l+UgavZx8 zbNntvn(Gb}f*;(QO1`UbLf=iz2#-FLuGf91ouw!}27}YNo%SakfxFtgZiI2%tuKT5 z3Fyz>2eVP_kLQF(s3{AGWu@}ovN<6k9hB#$lZN&*bLTiA4Joyx^1`YfzK_wz?bHd6 z?xL!KFMAW!WUDS*WAJDx3Caya?7G-oj+QI>zR)U5>9juzCx%mcWfi=w9v6Mf%cXA1 z4r4)9e$|_9wql&*&$yyD-k13i+nAiT*KHTqyg5e3ANd`~%JpFwUM3IX`$qYuV2AxVNcg9dyyD95E{PjG9V-6ABBOKZA0h?vDuR1T za_2-4PC`XlHZ%8R$Bd1=zLfXJkJp_Zv?6I>U@? zbWEMiG~#gsx0B25xQ~Ir*WqMmg5>3J;_i-@r$vp!4thVA`Le&j`UJ}4^4wfR=zM6+ z+=oJyPyv7}>IS>jj?mg#6kNu~>&BB+mz%zfgVlxSfzc#=kHcv@j**WWUJnqaU*jf9zSC{5GneH!c z)2j=#U9R_r?Y8D@o9|x--|NvoZCU+n_1m2;PEutB0E!Y+9e~5b!?m?c0_Ou1VI*H4 zLWoYpIFB`2CTi=vw>Nsja2a*ly!Vyr+CD;b7F_$K`mgq-f%+PBH*8;`F#%Qln%Hix z_m}(HcC8Pbl>&Yzi7!q|HfcG%5sKVeEgn~ocj%0|_x7fDW;CN<92~X87UH(u!=+B1 z$H8EJZcaB(Q&Z7;yRTD&d&}@AF_Q}PcUmPHPP~+Q9qL#;48=lis+9ixh5EVLXrfRP zMe6|uktN!9_`;izg#>za--|w8biT{Adbelq{_eS)KxN(MC}$1 zSB4lb?dImHBk(rEHc682J+RSw<+_i+?$d{I2^Z$}so*Q|56)&s5i;*XkiKUKaBy?6 z6bVp3Nqo#s*VeV#Wyv73Rx&Ia@@y-h_RGoDo9koGqnS?Mwc|{Yu*Qnd&LW(NNleau zr_T#>dc01@%dK;jx|$uXru&nBHm-Wp=5mNgbZ@gR^^ZGWa)EkY#)gK1lC;S3j}C{9h+r=AW7#bAwOW+Z$^zSs;l>zAq^ zF|=zq8Q|X>yGeQ<2ZJ3*B zt6au)516+(nRD5x2jXZ=6e9D#*rXJYI^!RL!I=VnNB2fExzlG zoQ&zZP0s6+fj71~0&drbUcT* z-;7^v>Kjf6lgr_^CcFo3VF8>3)Ffu~N8UVgbg~0`YXJfyBsB_6J*zfy6Yr&srFvg` zbPM3iQg^b*Ycq8#1kD?%D33@>8`lOqw>MeQ|6(gdl6SJf+#1H}c5vg=U}BpDF)%T` z90CPat2g89MxOh1Gu@w|3xNcP9WanWYn&VaLNL249jeL=TYBIY4q4mf4{pEG10r(`-7}HNbt3S?M2IxJIXF8=u zYaXuMZLqL64eH6mX4`(&M<6}SSJ}zoBtQ4Eyxd;Xgq4t#V@^fKBo5J?m|ZHCx+&0Z zv{|mI&Kgl9- zM|-Zx_M+89?6a>gw)%1-y?XzIEB>+&b-YKn+J;wNCPF`ac$kQj+uHDX)%PkmN&n@! zmtJ}o3{n;fi$?3&mVlVOajz9fOG}mZV!bv}3S4KJveEYz=irl*jJ13EjRkQ*@)Nr$ ztcfJ!b#7KTbWqjsQGKtytf2R#8i}26w@Ffi{Wa4j?(^xPHQ&S+x9c0fm#~O5{`+;W zF+ZcJGgJcgTRq2=7sZ^m_b!ZL(!&##V`2i_&FfDn6N$1DLqD2Ub#k;-uFX-xCfXaB zR&PgNT3jw>l?!*`$3w>l6VQ4Xh}S?__Ib8KSlksMA)32wd9`wotMS8}IzOd8k~kq= z@rQ-95MEiNsBfcVc}Xmk!jY&MWOGs2)JGrEJ~|o-dk9zZDc-8}g{SC9Rk z<-MMdfUrGe9a~fz(h;15;I-dh2i-LCL7ZMXT6Z13mb1Ddn=CSa5yfl!+AKI-L5X3ZI-{iv~XTKThE_{cqQ_VJzWKv z8y;U)?jNfn+o|4S{s`B6yJ`YfJCl*|9$WW;u6`bwBhjRQ&$_bseRv3Q8_VE2tF4H< zaASPB89U^!t*Ro^Vhr=Zt)5ie>FGO8cyV*w9_|-o>+qAl&hZ4hl9y}Ybl|Qf7aWe@+xgMYvi-qU_$jupzp)xmHYr;D?jOF}MV%&2WRVM+i7NLL!yZn=H(A>m*< zqVpjtxWN{ZGXwyTru8+|o{&6r@!fb^E05KjN)r(&0>x=o8?4(*DIiL=ZKld@ZjH%5 z6hC-s>oJj&+2i3!8UpPydAq|rApg@o>=*(72J)GY z55)!UC$#O_eKz}KuQKA>@F!^7@MXKqYg=>E_=tGf?z>lHn(9pNg&Xs?y4=5GJ$DnA z>)@!WH(1{djE}!B9)MvY(bC4tcxR>hPg42#L&uO-RT#ABXps!dqx|awmo<&~rvU(e zc7*@a6zk|1To4x~q!wnOSDVg*4FIsc8-c+n-`~gb=7z-fWH9c_=zZ#b{NdaeP%=Kb zCx$GUH#v>G4jYPs&}~N-l*UpX*h61NqGxU4?4@h_xe4_f%7<{?S{$D()4?sH@bnZ7 zB@x+%$AjSAGF00^LWzoDRDe15>{Ko5xhblKz_M-<0bm^C^(J^@KaRcF5off*_Q}3d zrcdi{J6!-P??pKnq$82urkrpP{9rQlpjykw+4{8&8IXnjJId-6KnNgEfeJuG_zMyJ zU(YiGu3dps2#0SZ%;}qjsO_jqw_>bU-cA=(S!~zKM2`G`EX-J%8x;x4+2rvkab#nW zA#aRGVNKUI{r-&XYGRzKVk^ylIlmMR`x7lpuHEvjzu9*nf# zaET7g93Q0dOSY8>Y>RLj+xV_sb1N&Ok}R#1rHqBGJ$7y-*jUUsWWQ_8s#En%r_!{1 z$i^)uz?)z%mjM~)<;5Av8bM`L5>c?0KCY|eSoOA}C|V@6r3B#QpN|yi2Dd6mAu{Ke z$tAp=Qjrdeh_>8w1*XpblvBmj&FfcEWKk4B%PwsWlE-aM6NV*@6XVgdz0jgO`cf#1 za-H-*@u-N%XN53{8T%W2!@LQ8r9EF+hB#NMWb%|Xca=|p)IJQV4 zom^C-auYdf8rFo`FP=Q6@rD6I7@4F}`KB$XGeH9psO8nA)lE(HQh0UYBACLa z+%4^;KXt<#EFGI|g)Lesl)FZ;Mn6~M4<$Cc(#NG4lTUpKYl6=&YY`KY(=wt=CQtYh z9Ga^yl_l>}}r4K1{FY*GiSGSs4|4$S>R z7Mo&}FAFu3KrG;0d>SiaoH?@IY1uQH)H6hNRj0~X^E@Qhkhe8-zHm+bV-@fiG);*S z_J~TDo{~aetV7ZPr=~X8YZdpINGb7Vc3QaNNBsQbcPwVb>(G0PLAg2XViOamBEqyw z5Iu9BLYc64dJjVOKpra-{v!J~N80t1YNWcSG}-;Jf_zR)SL#OLpd^&nobT!{7Si~* zWpu#_8{Jv+Eql)H>;|aUQXicpAeP51l(73bUv6h{g=!CLjB*>KcDT#isq#Sciu z!c>ThFT$wR>S(lf)Q<~?*}|9$^a&-29NPLc6S4=E3C9W(%`RE`GG8Rc?C3vw z)x|P`H)D>8#J=0?x~v78^rD*YS>b>=zvMU3xivgs)E;`4~CWn?uKcPKsU z&Q19ywarqMVopD*#eTxZui~k;nM73)S3?acmn^vIDIm5L!lU4zXMM=1G*{QBdI%V{d+ zbCf#Sf7Q#x>kpaW=MCN-D(EymlBtW-gGdDOyaq!LY@@GA5M{>-!QUG{8G^yy)iv0g z!Sri!w1v;q0m)H{L?3nD_}W04Hj-63eM@kyL}k6CF%`%4?qq*+I2I5gA0!HFg}y@t z^HH(=$_-@MXt8R@VAmTHOvBKAL@aY!V?h3q4luySj)HvRmd!oF0>cZ+8MF)2u#PFj zvX*HX8XjTHLB_u~A}7OeS|LC!%$0Ke1KDPeLKeJvgR+Ki9D?w96O?L}K7Ln~o>k~h zKao!THk!I?+^5xgX2_~v*fFDtzPuC{iE)my{|iIzgz(ks75pI-4|#+wA& z^4*1Hc~L-n=Oo#;tScv=jQc#d^{dCdz&2-O$gE8^{2T9R$SZ{T z@Vau!#h)`A)#oYUE7HpHU3H%$`fjna?&!9 z67H_3f}(OK`>#GHrsM0TVeA}Q-~V3G#8dWyfl|t5b4Q@)^+s<&a=&g##m%Z(6d)S- z2s4m^wPl*d>Hf4!kRgWA+47I-LHOXRMGsMYpBZ|Jv67C8s{Z*Rl&CUHJE9XcNfCZZ zxmMVS-9%1~YhB&rEjPaGJwN>o+n|A&>zpFKk+Z!)s8)R67V>D#03vf&3V#|RQX&K; ziXP?WwCbk5)uPBYTXp>`u0KYHp3iWI+oyv4PQ>Q36cnadm$J z`x9jEPbH2H%5?Sbq75J#c}U7kO%F9if4~du1YVStcn4PtctmAZ1V8k!I$EUEwp)t9 z3@6ZI25GpoX>P``^_ayu&DM_JWP&Z_ddZ#hBP~htUUHr zr?gJB9g8bg8}tPTeBL`yLlqngLa&mdw_ts)4T&kgvb14z@6 zzV&wUpl_n{)>ZR#-xvNejsN(A|3NYS%WDL*1VaNe*CDr4P!Lh*cbY<#E=R{Um_}`0ft`#;T||b-5b@V1f0Y(E`kTYfSk;rL%Um zkF^3N+}JS$b{nu+GDsqFrX5R7b0l<61Qtq(u@7^;!rqL4@iQW=2;4Eb+;u3`ZGbW_ z*n(lPazNJKxcPsW`TreeW_;yXhAE3SX4qWrVkqtE*y5X z3zzV8Z;B^TWJCLEcPTW@({;27SGGl~tz5gA8y+V?Nzh1gB%aouDmhe3JkAi>%&im+ zN?M7O+@t2LuK7Hy(JUm9L$;mFNLiDs(%Hd7{D#dT#yVrbF=1v#CefnTepT`;J+5d2 z5tnOb*1w~Jzdk^*)zQ00D|m3BEFuU|ay?11*|BSk@(uQ<2vpID@$u-G7_vy(h=|^V z&+9^B%c00qs%3TRI` zg=K!snX?9U)9)n6e`Wo|k-Y9h;dn+19VbSa5a20MLm-;(MU!C>c%EKnb^c1f(~mwH znV>ZMi>LjzRI`X#vxoblpBmwYXn}LD0+b*h8L(d*@}Zed_9gD2*HQb}07A%&=v7a+ zf@jI_B^Gm=maArr^IFPGlG(@IQK0fVb*{1^uCLO6>|E1562VOz^UaNVd24+(%=2xy zOaRe{y^6Ps@fANp1Z0+NNKj#$wYA6D_?Q%G^+BtVR1}*6XbY z^6j6j4-p55I&ZLu>GPe9+bnNoOg2~bBkld_%`o$LFDk;0MRlLlY%1R zSQVaTY`d^W8IQ3?N6J;rq%>uQ?k#RrTA__wm*IaB#UQ_Z#HmU{UGCpk@BNhpo%m|r#taFTgF(gMlEG?(4vIPib1mFD;;!yf_Y#p#JeOZ}@c47* z-~l6@pG{TB+z-+yl?vq^usKpQYM(=yv9Z$@-Eq|`t2R6ty=ij?qpv>y%)(T>XL1w} zvIh$tc;AOGt9<<7r`A>I&jJ^xLJ?#ZlK&KUk2gFGerNM_W(yG!zsJELk&C++Gaez{ zZw)v8+ah69&pb>KaS`c&a6r&e|IOD~XGGE2&yzRA_gVxr&c`!mL+NnzV^;d>k+Jtv z!NGgUH!21FQd=cD5G5>b;>TIn0QGilb=0z2O+p?^M-tZQ*GTzy9WK_h;y-)g#yJc? zqxHeZ@@53Cw7F>!>0Xooc!a+PGopbjO!)FIs_}XQd<%(u(uMEzu3nuD!bHL>-?UbtW8#JysU*Fk4J94{0WltsIwZXmHn27gG=3a z0|yH*F2ZBidc=`nExh9+IE^<^)p5HNdTaC(0dP$fZ!~8$A9W2_tak!i$fpzkf68mFZ9x7E-^x zNlO?SRgyU?q4ccin`(H4aQ(}MIgmhoIBgzVWKvs7p<^VQB}Nu6c?_;KAwm9VGlpGC;P&AgpV8E9*4oy{#F7< za~{xJQs?0~w|A`7d+UliT7=*%Mx6nI8;7s!#Jq2uDDZ~ z&RWp?%QEj}Y4EihvcLgQ0i{`U;QzqCucY7rRfz`Jms(#kecus=_eK6mf*Ys%XR}~o z7XYySj{@ayq;^Jwac-qak5x>ja)tC(6}-P1-!gMZSowZPCxS_^%|}&K%E?V1Yp#vQ zG}bZBW@gsXMVCa3e#&CBom0(5J5{lU{3%rsgVz=E6sl7UO-67UH6R z-)&x0YbffPg}Nef(?0Z+JKMC@L=AQF8?@kr9A;v`ge&=QR_7TQnk5<*sdj$0=13pxh1ILEbOf&qhRtydn^;?t2}wfS#SC%8HjnC7TG(@#{Li3#)k6c{2a!RF@8+koSVv#;=pn~z|&%1L7MzA@3Gm(l-`6IRS znrg1@1#c#wU-hY#qEV8$gx~#ZDvAj80yRcQJf@aGHe<=6Rk+h6dqOlMg=ei$eXPp6 zn(l~atC=FFy@M|MWPz`O+5Gd;~HG>ex>G!S5=sb~! zEOM0=LX@bDE|x_-lt!0Wu$9$tv6zd42BOO=J)Ysl>3;R7U8M7$l zlP~Qldh?_^8^_kO;S@Au{JlKbK)IDl^esb|4+m@Yv3onk!dt2485dj63&q_bNLhAn zD&|Tlbq*R!%ei&8&ofv&{H2Rl7{skEumw~>Qkq_+yhlhdxJ86qgzcTR*Yfa(_|?mZ z6|0jd$*I#Dt*x!G3gM6_K@I7sN)de;@zqFYa!FQU(^&Df=*zY`Pwz%@nCYCX<@rwoX_Xs2gk_RB(bdQ=0IBQP@ zDs?>vg?fz&L-VYtzawyuQb>J89I%l&vRW=@)R3Kp=ArNogskHIZQffc*vmsHqqXv$ zBzsK+cn^;#hyV!qH$7W~fbLe^v2!yTP`lLpC!y_R`G|_|foeHx8lfm6nwycQT6oXbnL4^-#-Nn4LuYI3nL&(nXeAVpBp6x&dg_^P%RW*4+)OQ^W> zY{=$vG^yd?7|FO+gzR5fH16mdW^!h%SJEkLBK8grlpi`#nMpc-$qz(DiTnl8jebtu z*Pe6f;uB!Zh(~H?vZr~%>r#PnNBdP=Vg_AI2(@!a0uu@6By6Opf}I7F{IUKMZSSDTw;CDkPN%Ml5#Kcau#1bv#r_EJ$$qO5Y7m3v+}Tzh-_(GhqVVxYMI zPO^}iS8F_IN*;;iqzNOG$`je6LuTkz*>Z#gOcvBjda;VKN|y!Im{vfBwmj=u z+vhiyWjoPmt3z0%;oyM1iy5<8dUL2B|x^gWTE4+xq3)E2PDH9 zNlcz|9XTp&fs1$$qr~*!w+72c-R_S+hU>YeLO|DMp=SFPi2niHn?4l?9e=J$8+}}h z{NDD<;iq>_G-8b`!j~Ih-$E#oH$jhGp^Rb=ONGX)R74=drqZ%4?IbEg=#dEO%T^%v z1TCwRLo4`**-pHv>5nl%Ul?@BWJsO}V+FK=EUu-jsXhiq?y;K!(_^F#Pq4q)wB9UL z>n4^{QL8a3q*cbMdZ&D&QBtLigID6H67%3al5V%*{ds4MuqHzJ)Vw$ay4AQ7Gpi!x z0(2IgNkZYzGp6gc!+kfpeKCm(9DdRQs#?~X5psJ-;T*Ab~}x@GQ)A?wGWMf)wb z4GAlJ7*A(DdyM-1I_PlHLFSgc57k?qJazl+0tTK#gEN&~`>hQ+t#Tem`>a#17Pqex zDhv!14RoEB4uXWHk>^{!TPT9D*-&xhBf=w~omsC~^@3$erYQ+W29Y8|Gsj5WDkJQt z5sX%jAZ=>rFlhX2kirAIvng{(w^@R3^)SdqG)TGcI)o`W;s1h!fBuCG;96@fp7=8` zb`l~%w&+`4?AdjAio*7?6ZXP0)Rcb7dMS6Zso{zRi|fFMoL}ip4EdLEwVodnpcBn! zuMfe0ewBcBD(hZ_VOD%Y?Y5>Jo-UIS7BeLIBAZnoIS3=oW~oS1wormbvR`hfal>5a zK5`~E%1Bmcys4v7D|Fx~McPKez*QutC7XzLj6ctbDavXcx5|Ja-a-U2-t8)Q9fV%{ zc0bPP@k1Xb1F1(ttlt=s@yN4Hch|8VeZU*kd>g~gRuHlf*zh)>6=v0=;Q1wd?$jI8u}!TY?l&DT>(JXSV_p$}YHo2C`r1)B7d}DAP{aBuL&4%DRInr^{pp~i&EUuVNEp0)HU+5@|L7-7dZV% z^T_;lfTFu0qiE|R@GP-u^1DhcwzG!gJ9+OzP5-CKr(>zPY3X{wO%7GMO-27OZ=uJO z*=Q6Xt|zht*u0N5BZ}3}*_x1QFMB|4u8UbtZ<;IVBBjAC z+HbDx-S&0{gdLcXu<(T|cAPKD@uqBsa?V@^RgCoZTRGh|KX+*MlQ;}4;mjgYj`5Pa zKS0j&ydn0z+jJa_{Zk%2*^F1$%Dc&%CN(U30d^uLe#i=ijfbl*2&!mQGhuR3ok^Wx z-w;F8<|YoL$1k~cN6q+j89wr3i=Nhw76iCz<4d#LVAZ0VZ!P+OQ4;#Ic5QL(S@9jo z2eNC`J7(Dux7GC|fr?AG!?j9RXk&;9VntDweeE*Sz~<&Q#O!E^{k z_fxL;EeQ3YR(SKmfigJUlKBGQ+hyEv6okyE?y{-*17{;Mt*I6XB1t~YT^{1kDjM`Y z7PF?}q6{267@#4<8Ga!fN#t6=BDxBbAu$N1$gR1#I(z;BGwWnKRL=t35%(AHm}EIT zZcp=WZ^w}+!N_tPmz?BENz0V#jlv+5fE~{t?U0Ji$_CcWBRt?*;wSpUWfNFBax|i% z{hiRCuF5+$`=^oR5^L%%*nsw)v_jr98| zR7~iI5MAI-%lFxgiipY<-tm5QDOo zQ*Id$ST!ZzU|h5fb|%(;hZy?Av}_I2Aym)dr`Y>rnOzHMUilrPO8}q*08Fo zK$-zHfA2Y`9RPE1d+>uQ z@UZMm-PRE{)3>j=sgm{m=oKrw$$pXwM#rK0u~zx2{r&xY0F$}$v||Il*VJcJ zpgJi`0TH9qH&=43CKn=wSltjOnK*nNS0e&qp7}YDM;J&oH_FDX#t;}im{MUcMlXn* z-(yw;6rqI^DamfkZ3>w&MrNSl@U(O?H!=Byk3Z?D2}y7^RsA=MDi-YhCyV;7g=dj< zw10GjIs!T~WQdw?B311zF+l_Bo3?6d1wc?iK^A1lLtk3rY*V92a1nq zMSpF7?`gAzp3TyRSmj20-dD8SHD_#TdL_nCcRVmi02?31hr5^J5pE5usnqDM&opmG zh`|KNFGg*pzX+hZM>-OxOcHW>pW5HI;9jeNTQ)*Q9?7=I?b=768;SEdP{}qaPsuBD z2?qGg+HoGmw$?n2u`FvCasLBGZyi`0?b`w1jeRO=n>*Ba5e%OEVVpgH?4Q?vbNc`C zKmUJNRk9Yiujjc>RS&DmJQ{>4ubBV$Ygc{)>quWWSTE!#k)8K4`JP3++(yj=^(J*( zQY9eA3p`B;s20N?uCx;zzY72~*EX(rO4|hVM)^H%;_A7R4TF3Rv{#h~3g88AxV`8<UP&?47wRE{+Hm)mt(lOYzvCAKi&}mB`UIiNAAY-JH6U# zU47hfBf0BlI?lSdMVZi_e7&)&uRfKy+i^D|&b7I5i&=BOSdCm;`w9B6LBfANV@Iva zj<>#D`I3(CloaJXvv~;3`FAP(kz>C6_t%XicZ7GPyS}GKdrSIRNIk~-K4-n^ezJi+ z=zPydOl40a;l)mRalM$Eet1;JT!V;FrAxM{EgiQI5{~Ii!@tX|Ff3bG z6Z&;GAIZe;cD9TDBuT$)9V - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx volumes: - ~/.aspnet/https:/https:ro - webstatus: + webmvc: environment: - - ASPNETCORE_URLS=https://+:443 + - ASPNETCORE_URLS=https://+:443;http://+:80 - ASPNETCORE_Kestrel__Certificates__Default__Password= - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx volumes: - ~/.aspnet/https:/https:ro - webmvc: + webspa: environment: - - ASPNETCORE_URLS=https://+:443 + - ASPNETCORE_URLS=https://+:443;http://+:80 - ASPNETCORE_Kestrel__Certificates__Default__Password= - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx volumes: diff --git a/src/docker-compose.override.yml b/src/docker-compose.override.yml index f3475fc43..4ea826115 100644 --- a/src/docker-compose.override.yml +++ b/src/docker-compose.override.yml @@ -46,10 +46,10 @@ services: - XamarinCallback=https://${ESHOP_PROD_EXTERNAL_DNS_NAME_OR_IP}:5105/xamarincallback - ConnectionString=${ESHOP_AZURE_IDENTITY_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Service.IdentityDb;User Id=sa;Password=Pass@word} - MvcClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5100 - - LocationApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5109/locations-api - - MarketingApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5110/marketing-api - - BasketApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5103/basket-api - - OrderingApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5102/ordering-api + - LocationApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5202/locations-api + - MarketingApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5202/marketing-api + - BasketApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5202/basket-api + - OrderingApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5202/ordering-api - MobileShoppingAggClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5120 - WebShoppingAggClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5121 - WebhooksApiClient=https://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5113