Skip to content

Enable HTTPS with Zentao Docker Image #14

New issue
New issue
Open
Open
Enable HTTPS with Zentao Docker Image#14
Labels
enhancementNew feature or request
@drakosu

Description

@drakosu
drakosu
opened on Dec 27, 2023

This Docker image doesn't seem to support HTTPS by default.
I've done a quick patch today, just leave here for a record.

The patch takes official document as reference - linux一键安装包配置https. The trick is to modify debian/rootfs/opt/zbox/etc/apache/httpd.conf.tpl to make httpd.conf comes up with HTTPS related settings described in the official document.

Here are steps, in my practice I use docker-compose.yml:

  1. Bring up a Zentao container with docker-compose.yml configured properly according to README, and additionally mount a sharing folder. 
     volumes:
   - '/share/Container/Zentao/data:/data'
   - /share/Container/Zentao/backup:/mnt/backup
  2. copy folder /opt/zbox/etc/apache from the running Zentao to the mounted share folder. 
    ## Enter container
docker exec -it zentao /bin/bash
    ## in zantao container
cp -r /opt/zbox/etc/apache /mnt/backup
## Exit container
exit
  3. Modify /share/Container/Zentao/backup/apache/httpd.conf.tpl in reference to the official document 
{{#if HTTPS_ENABLE}}
Listen          {{APP_DEFAULT_PORT}} https
SSLPassPhraseDialog builtin
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
{{else}}
Listen          {{APP_DEFAULT_PORT}}
{{/if}}
  • Add followings before line 193. Note: Use the actual file names of your_cert.
{{#if HTTPS_ENABLE}}
 ErrorLog /opt/zbox/logs/ssl_error_log
 TransferLog /opt/zbox/logs/ssl_access_log
 CustomLog /opt/zbox/logs/ssl_custom_log combined
 LogLevel warn
 SSLEngine on
 SSLProtocol all -SSLv2 -SSLv3
 SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
 SSLCertificateFile /opt/zbox/etc/apache/cert/your_cert.crt
 SSLCertificateKeyFile /opt/zbox/etc/apache/cert/your_key.key
{{/if}}
  1. Restart Zentao with modified docker-compose.yml with following settings in the corresponding section. Note: Use your actual path_to_your_SSL_cert. 
     ports:
   - '443:80'
     volumes:
   - /share/Container/Zentao/data:/data
   - /share/Container/Zentao/backup/apache:/opt/zbox/etc/apache
   - /path_to_your_SSL_cert:/opt/zbox/etc/apache/cert
     environment:
   - HTTPS_ENABLE=true

With these steps, I am able to access my Zentao with HTTPS.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions