Adds SSL support.

Viktor Petersson
2013-08-31 16:22:51 -07:00
parent d7d34ab4fa
commit 75d673239f
4 changed files with 82 additions and 0 deletions

29
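--- a/misc/enable_ssl.sh
+++ b/misc/enable_ssl.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+echo "Upgrading Screenly..."
+curl -sL https://raw.github.com/wireload/screenly-ose/master/misc/upgrade.sh | bash
+echo "Installing Stunnel..."
+sudo apt-get -y -qq install stunnel4
+sudo ln -s ~/screenly/misc/stunnel.conf /etc/stunnel/screenly.conf
+echo "Enable Stunnel to start on boot.."
+sudo sed -e 's/^ENABLED=0$/ENABLED=1/g' -i /etc/default/stunnel4
+echo "Installing self-signed certificates..."
+echo "NOTE: To improve security, you can use properly signed certificates. Just replace screenly.crt and screenly.key in /etc/ssl."
+sudo cp ~/screenly/misc/screenly.crt /etc/ssl/
+sudo cp ~/screenly/misc/screenly.key /etc/ssl/
+sudo chown root:root /etc/ssl/screenly*
+sudo chmod 600 /etc/ssl/screenly*
+echo "Modify Screenly Server to only listen on localhost (and only allow SSL connections)..."
+sed -e 's/^.*listen.*/listen = 127.0.0.1:8080/g' -i ~/.screenly/screenly.conf
+echo "Restarting Screenly Server..."
+sudo supervisorctl restart screenly
+echo "Starting Stunnel..."
+sudo /etc/init.d/stunnel4 restart
+echo "You should be all set. You should be able to access Screenly's management interface at https://<your IP>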
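Review bot: Nothing in this script stops on failure, so a failed upgrade, a failed `apt-get`, or a `sed` on `~/.screenly/screenly.conf` that matches no `listen` line still ends with the "all set" message while the server may remain reachable over plain HTTP on whatever address it was bound to before. Add `set -euo pipefail` after the shebang and confirm the rewrite took effect before restarting, e.g. `grep -q '^listen = 127.0.0.1:8080$' ~/.screenly/screenly.conf || { echo "listen address not updated" >&2; exit 1; }`. With `set -e` in place the `ln -s` of the stunnel config would abort a second run, so it should become `ln -sf`. The pattern `^.*listen.*` also rewrites any line that merely contains the word, comments included; anchoring it to the key (`^listen[[:space:]]*=`) looks safer, though the format of screenly.conf is not visible on this page.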

19
misc/screenly.crt Normal file

@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

27
misc/screenly.key Normal file

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----
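Review bot: The RSA private key added in this file is published with the repository, and `misc/enable_ssl.sh` copies that same key into `/etc/ssl/` on every device, so every default install shares a key that any reader of the repo also holds. The TLS endpoint then authenticates nothing and gives no confidentiality against an on-path observer, and the `chown`/`chmod 600` in the script cannot help once the secret is public. Remove `misc/screenly.key` and `misc/screenly.crt` from the tree and have the script create a pair on the device instead, for example `sudo openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=screenly" -keyout /etc/ssl/screenly.key -out /etc/ssl/screenly.crt`. Devices that already installed this key would need a regenerated pair as well.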

7
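--- a/misc/stunnel.conf
+++ b/misc/stunnel.conf
@@ -0,0 +1,7 @@
+cert = /etc/ssl/screenly.crt
+key = /etc/ssl/screenly.key
+pid = /tmp/stunnel4.pid
+[https]
+accept = 443
+connect = 127.0.0.1:8080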
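Review bot: `pid = /tmp/stunnel4.pid` places a file written by a root-started daemon at a fixed name in a world-writable directory, where any local user can pre-create the path or put a symlink there before the service starts. Point it at a root-owned location instead, e.g. `pid = /var/run/stunnel4-screenly.pid` (the exact path is a suggestion; match what the stunnel4 init script on the target expects). The visible lines also set no `setuid`/`setgid`, so stunnel presumably keeps root after binding port 443; dropping to an unprivileged account is worth considering if one exists on the target image.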