Skip to content

NGINX Configuration

Jump to bottom
f0cker edited this page Dec 14, 2023 · 17 revisions

NGINX Config

To configure nginx, all config files are loaded from /var/crackq/files/nginx/, example configuration files are provided in ./cfg. You will need to update the nginx config for your environment. This should just be a matter of editing the following line in ./cfg/crackq_nginx.conf to your chosen domain name and adding your cert file/key:

server_name crackq.org;

This file will then be copied to /var/crackq/files/nginx/ during installation if you configured it before running the install script. If not, do it manually:

sudo cp ./cfg/crackq_nginx.conf /var/crackq/files/nginx/

TLS certs need to be placed here:

/var/crackq/files/nginx/conf.d/certificate.pem
/var/crackq/files/nginx/conf.d/private.pem

OR

If you really want to you can use self signed certs by using the below OpenSSL commands:

openssl req \
       -newkey rsa:4096 -nodes -keyout crackq.org.key \
       -x509 -days 365 -out crackq.org.crt

openssl x509 \
       -in crackq.org.crt \
       -signkey crackq.org.key \
       -x509toreq -out crackq.org.csr

openssl x509 \
       -signkey crackq.org.key \
       -in crackq.org.csr \
       -req -days 365 -out crackq.org.crt

sudo cp crackq.org.crt /var/crackq/files/nginx/conf.d/certificate.pem
sudo cp crackq.org.key /var/crackq/files/nginx/conf.d/private.pem

sudo chown -R crackq:crackq /var/crackq/files/nginx/ && sudo chmod -R 660 /var/crackq/files/nginx/

OR

If your box is on the public Internet (AWS EC2 for instance) you can use certbot/letsencrypt:

sudo apt-get install python-certbot
sudo certbot certonly --standalone -d crackq.org
sudo cp /etc/letsencrypt/keys/fullchain.pem /var/crackq/files/nginx/conf.d/certificate.pem
sudo cp /etc/letsencrypt/keys/privkey.pem /var/crackq/files/nginx/conf.d/private.pem

Don't forget to set the permissions accordingly if they are not already, config files should be only accessible to the crackq users (uid:1111).

You are now ready to launch the application using the containers you just built, this is done with the following docker-compose command (from the crackq dir):

sudo docker compose -f docker-compose.nvidia.yml up --build

There are multiple docker-compose files to choose from, the above is for a setup using Nvidia, though you could alternatively use docker-compose.opencl.yml, docker-compose.amd.yml or docker-compose.dev.yml depending on your setup. Compose files with wldapserver will additionally boot the OpenLDAP container.

Once this is complete you can move onto configuring authentication.

Discord Channel Invite

https://discord.gg/PN7CVbt494

CrackQ

Clone this wiki locally