Add SSL suport for docker install

Signed-off-by: walkafwalka <41709139+walkafwalka@users.noreply.github.com>

INSTALL.md

@@ -439,7 +439,11 @@ Before starting the build process, review the [inventory](./installer/inventory)
 
 *host_port*
 
-> Provide a port number that can be mapped from the Docker daemon host to the web server running inside the AWX container. Defaults to *80*.
+> Provide a port number that can be mapped from the Docker daemon host to the web server running inside the AWX container. Defaults to *443*.
+
+*ssl_certificate*
+
+> Optionally, provide the path to a file that contains a certificate and its private key.
 
 *use_docker_compose*
 
@@ -527,7 +531,7 @@ After the playbook run completes, Docker will report up to 5 running containers.
 ```bash
 CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                NAMES
 e240ed8209cd        awx_task:1.0.0.8    "/tini -- /bin/sh ..."   2 minutes ago       Up About a minute   8052/tcp                             awx_task
-1cfd02601690        awx_web:1.0.0.8     "/tini -- /bin/sh ..."   2 minutes ago       Up About a minute   0.0.0.0:80->8052/tcp                 awx_web
+1cfd02601690        awx_web:1.0.0.8     "/tini -- /bin/sh ..."   2 minutes ago       Up About a minute   0.0.0.0:443->8052/tcp                 awx_web
 55a552142bcd        memcached:alpine    "docker-entrypoint..."   2 minutes ago       Up 2 minutes        11211/tcp                            memcached
 84011c072aad        rabbitmq:3          "docker-entrypoint..."   2 minutes ago       Up 2 minutes        4369/tcp, 5671-5672/tcp, 25672/tcp   rabbitmq
 97e196120ab3        postgres:9.6        "docker-entrypoint..."   2 minutes ago       Up 2 minutes        5432/tcp                             postgres

installer/inventory

@@ -52,7 +52,8 @@ dockerhub_base=ansible
 awx_task_hostname=awx
 awx_web_hostname=awxweb
 postgres_data_dir=/tmp/pgdocker
-host_port=80
+host_port=443
+#ssl_certificate=
 
 # Docker Compose Install
 # use_docker_compose=false

installer/roles/image_build/templates/Dockerfile.j2

@@ -53,6 +53,10 @@ RUN rm -rf /tmp/*
 
 RUN echo "{{ awx_version }}" > /var/lib/awx/.tower_version
 ADD nginx.conf /etc/nginx/nginx.conf
+RUN openssl req -newkey rsa:4906 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem -subj "/CN=localhost/" && \
+    cat certificate.pem key.pem > /etc/nginx/awxweb.pem && \
+    chmod 0600 /etc/nginx/awxweb.pem && \
+    rm certificate.pem key.pem
 ADD supervisor.conf /supervisor.conf
 ADD supervisor_task.conf /supervisor_task.conf
 ADD launch_awx.sh /usr/bin/launch_awx.sh

installer/roles/image_build/templates/nginx.conf

@@ -36,7 +36,10 @@ http {
     }
 
     server {
-        listen 8052 default_server;
+        listen 8052 ssl default_server;
+
+        ssl_certificate /etc/nginx/awxweb.pem;
+        ssl_certificate_key /etc/nginx/awxweb.pem;
 
         # If you have a domain name, this is where to add it
         server_name _;

installer/roles/local_docker/tasks/standalone.yml

@@ -86,6 +86,7 @@
       {{
         ([project_data_dir + ':/var/lib/awx/projects:z'] if project_data_dir is defined else [])
         + ([ca_trust_dir + ':/etc/pki/ca-trust/source/anchors:ro'] if ca_trust_dir is defined else [])
+        + ([ssl_certificate + ':/etc/nginx/awxweb.pem:ro'] if ssl_certificate is defined else [])
       }}
     user: root
     ports: