add SSL functionality to docker

Dockerfile

@@ -2,13 +2,14 @@ FROM alpine:3.7
 
 VOLUME /var/www/app/data
 VOLUME /var/www/app/plugins
+VOLUME /etc/nginx/ssl
+EXPOSE 80 443
 
-EXPOSE 80
 
 ARG VERSION
 
 RUN apk update && \
-    apk add unzip nginx bash ca-certificates s6 curl ssmtp mailx php7 php7-phar php7-curl \
+    apk add openssl unzip nginx bash ca-certificates s6 curl ssmtp mailx php7 php7-phar php7-curl \
     php7-fpm php7-json php7-zlib php7-xml php7-dom php7-ctype php7-opcache php7-zip php7-iconv \
     php7-pdo php7-pdo_mysql php7-pdo_sqlite php7-pdo_pgsql php7-mbstring php7-session \
     php7-gd php7-mcrypt php7-openssl php7-sockets php7-posix php7-ldap php7-simplexml && \
@@ -26,5 +27,8 @@ RUN cd /tmp \
 
 ADD docker/ /
 
+
+
+
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD []

docker/etc/nginx/nginx.conf

@@ -20,6 +20,9 @@ http {
 
     server {
         listen       80;
+        listen       443 ssl;
+        ssl_certificate /etc/nginx/ssl/kanboard.crt;
+        ssl_certificate_key /etc/nginx/ssl/kanboard.key;
         server_name  localhost;
         index        index.php;
         root         /var/www/app;

docker/usr/local/bin/entrypoint.sh

@@ -1,5 +1,11 @@
 #!/bin/bash
 
+#generate a new self signed SSL certificate when none is provided in the volume
+if [ ! -f /etc/nginx/ssl/kanboard.key  ] || [ ! -f /etc/nginx/ssl/kanboard.crt ]
+then
+    openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/kanboard.key -out /etc/nginx/ssl/kanboard.crt -subj "/C=GB/ST=London/L=London/O=Self Signed/OU=IT Department/CN=kanboard.org"
+fi
+
 chown -R nginx:nginx /var/www/app/data
 chown -R nginx:nginx /var/www/app/plugins