Skip to content

idoshamun/gcp-letsencrypt-websockets-cluster

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Secured WebSockets cluster on GCP with Let's Encrypt

This project contains bash scripts for deploying a websockets cluster to Google Cloud Platform secured with Let's Encrypt SSL certificates.

There is a medium post which explains the solution architecture and how to run the code, if you want to get more details.

Please make sure Google Cloud SDK is installed before using these scripts.

These scripts are developed and tested on Ubuntu 14.04 and haven't been tried on any other OS or version.


Overview

The project is divided to three components:

  • Let's Encrypt renewal server - responsible for renewing the Let's Encrypt certificates and handling the ACME challenge
  • Application server - contains Nginx server to route the traffic to the local app server (docker based) or to the renewal server
  • WebSockets demo - simple echo websockets server written in NodeJS

The pre-deploy.sh script creates a new bucket to store all the SSL certificates. In addition, it stores the path to the bucket as a project metadata and generates a dhparam that will later be used by Nginx.

All the scripts are fully parameterized and the parameters can be found at the beginning of the scripts.

Please notice

You can't deploy the application server before you already have the certificates stored in GCS. So when first issuing the certificates, point your DNS to the external ip of the Let's Encrypt instance. After issuing, you can continue with the deployment and point the DNS to the static ip of the app-lb.


Credits

About

Automation scripts for building websockets cluster on GCP secured with Lets Encrypt certificates

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published