From c50ff1837f7696a89c1cc7ee4ceea86844956166 Mon Sep 17 00:00:00 2001
From: Gael de Chalendar <gael.de-chalendar@cea.fr>
Date: Wed, 21 Apr 2021 12:22:30 +0200
Subject: [PATCH] Solve problem connecting to the https server

The issue https://github.com/arduino-libraries/WiFi101/issues/310 was
not in cause and will be closed. The problem was a nginx ssl config
server side.
---
 arduino/moisture_lcd/moisture_lcd.ino | 12 +++----
 etc/gunicorn.service                  | 13 +++++++
 etc/nginx.site                        | 52 +++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 6 deletions(-)
 create mode 100644 etc/gunicorn.service
 create mode 100644 etc/nginx.site

diff --git a/arduino/moisture_lcd/moisture_lcd.ino b/arduino/moisture_lcd/moisture_lcd.ino
index 4c4c313..4ec1d54 100644
--- a/arduino/moisture_lcd/moisture_lcd.ino
+++ b/arduino/moisture_lcd/moisture_lcd.ino
@@ -13,10 +13,10 @@
 // Web service parmeters
 
 // Set where you moistureduino Web service is listening
-//const String serverAddress = "moisture.nsupdate.info";  // server address
-//const int port = 443;
-const String serverAddress = "192.168.1.21";  // server address
-const int port = 8000;
+const String serverAddress = "moisture.nsupdate.info";  // server address
+const int port = 443;
+//const String serverAddress = "192.168.1.21";  // server address
+//const int port = 8000;
 
 ////////////////////////////////
 // Hardware parmeters
@@ -62,8 +62,8 @@ const String pass = SECRET_PASS;    // your network password (use for WPA, or us
 const String login = SECRET_LOGIN;        // your Web service user login
 const String password = SECRET_PASSWORD;  // your Web service user password
 
-//WiFiSSLClient wifi;
-WiFiClient wifi;
+WiFiSSLClient wifi;
+//WiFiClient wifi;
 HttpClient client = HttpClient(wifi, serverAddress, port);
 const String contentType = "application/x-www-form-urlencoded";
 
diff --git a/etc/gunicorn.service b/etc/gunicorn.service
new file mode 100644
index 0000000..b5fc415
--- /dev/null
+++ b/etc/gunicorn.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=gunicorn daemon
+After=network.target
+
+[Service]
+User=gael
+Group=www-data
+WorkingDirectory=/home/gael/Projets/moisture
+
+ExecStart=/home/gael/miniconda3/envs/moisture/bin/gunicorn --access-logfile /var/log/gunicorn/access.log --error-logfile /var/log/gunicorn/error.log --workers 2 --bind 192.168.1.21:8000 moisture.wsgi:application
+
+[Install]
+WantedBy=multi-user.target
diff --git a/etc/nginx.site b/etc/nginx.site
new file mode 100644
index 0000000..0b81b10
--- /dev/null
+++ b/etc/nginx.site
@@ -0,0 +1,52 @@
+################################
+## our HTTP server at port 80 ##
+################################
+server {
+      listen      80 default;
+      ## set up domain name here ##
+      server_name moisture.nsupdate.info;
+      access_log off;
+      error_log off;
+      ##** nginx redirect ALL http requests to https ** ##
+      return      301 https://$server_name$request_uri;
+}
+
+server {
+    listen                        443 ssl;
+
+    listen                        [::]:443 ssl;
+    server_name                   moisture.nsupdate.info;
+
+    location = /favicon.ico {
+        access_log off; log_not_found off;
+    }
+
+    ssl                           on;
+    ssl_certificate /etc/letsencrypt/live/myrga.nsupdate.info/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/myrga.nsupdate.info/privkey.pem; # managed by Certbot
+    ssl_trusted_certificate       /etc/letsencrypt/live/myrga.nsupdate.info/chain.pem;
+    ssl_dhparam                   /etc/ssl/certs/dhparam.pem;
+    ssl_session_cache             shared:SSL:1m;
+    ssl_session_timeout           1440m;
+#    ssl_buffer_size               8k;
+#    ssl_protocols                 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+#    ssl_ciphers                   TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SH
+A256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA
+-AES256-GCM-SHA384;
+#    ssl_prefer_server_ciphers     on;
+#    ssl_stapling                  on;
+#    ssl_stapling_verify           on;
+#    ssl_ecdh_curve                secp384r1:X25519:prime256v1;
+
+    location /static {
+        alias /home/gael/Projets/moisture/static;
+    }
+
+    location / {
+        include proxy_params;
+        proxy_pass http://192.168.1.21:8000/ ;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+
+}