Starting from the downloaded YAML file:
curl -f -O -L https://greenbone.github.io/docs/latest/_static/compose.yaml --output-dir “$DOWNLOAD_DIR”
- Copy your main and intermediate certficates to $DOWNLOAD_DIR
- cat main.crt intermediate.crt >> bundled.crt
- rm main.crt intermediate.crt
- Copy your certificate key (e.g cert.key) to $DOWNLOAD_DIR
- Edit compose.yaml (see below)
- Restart container
- Voila!
Steps to edit compose.yaml
- On gvm-config: section, change ENABLE_TLS_GENERATION: false
- On gvm-config: section, add your server_name: NGINX_HOST: "hostname.example.com”
- On gvm-config: section define the port: NGINX_HTTPS_PORT: “9443”
- On nginx: section, delete the non safe HTTP port from the port: subsection. Should be something like this: - 127.0.0.1:9392:9392
- On nginx: section, port: subsection, bind nginx to your ip: - 0.0.0.0:9443:9443
- On nginx: section, volumes: subsection, delete - nginx_certificates_vol:/etc/nginx/certs:ro
- On nginx: section, volumes: subsection, add - ./bundled.crt:/etc/nginx/certs/server.cert.pem:ro
- On nginx: section, volumes: subsection, add - ./cert.key:/etc/nginx/certs/server.key:ro
With that, you get nginx to listen on 0.0.0.0:9443 with SNI hostname.example.com and using the certificate pointed by bundled.crt and private key server.key
Cheers!