commit 3bf8f1afb78c11ea2d73ee106545b2c63e0eb706
Author: Price Hiller
Date: Mon Oct 18 12:01:53 2021 -0500
Nginx Updated Configuration
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..32826d7
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "CTFd"]
+ path = CTFd
+ url = https://github.com/CTFd/CTFd.git
diff --git a/CTFd b/CTFd
new file mode 160000
index 0000000..78b324e
--- /dev/null
+++ b/CTFd
@@ -0,0 +1 @@
+Subproject commit 78b324e577360f4bea33ca4dc5bb480d6e6cf894
diff --git a/Gen-Certs.sh b/Gen-Certs.sh
new file mode 100755
index 0000000..bd4d7a5
--- /dev/null
+++ b/Gen-Certs.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+rm -rf ./CTFd/ssl/*
+
+openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out ./CTFd/ssl/ctfd.crt -keyout ./CTFd/ssl/ctfd.key
diff --git a/http.conf b/http.conf
new file mode 100644
index 0000000..ab171cb
--- /dev/null
+++ b/http.conf
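Review bot: The `openssl req` line in Gen-Certs.sh sets no subject and no subjectAltName, so the script prompts interactively and, with a default OpenSSL configuration, the certificate carries no SAN; clients that match hostnames only against SAN will reject it even once the certificate is trusted. With OpenSSL 1.1.1 or later, appending `-subj "/CN=sachackctf.cisnet" -addext "subjectAltName=DNS:sachackctf.cisnet"` (the hostname given in task.md) makes the run non-interactive and the certificate valid for that name. `rm -rf ./CTFd/ssl/*` resolves against the caller's working directory, so a `cd "$(dirname "$0")" || exit 1` ahead of it would keep the delete inside this repository. `-nodes` leaves the private key unencrypted on disk, which is usual for an nginx key but deserves a comment that ./CTFd/ssl/ctfd.key must stay out of version control.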
@@ -0,0 +1,58 @@
+worker_processes 4;
+
+
+events {
+ worker_connections 1024;
+}
+
+http {
+
+ # Configuration containing list of application servers
+ upstream app_servers {
+
+ server ctfd:8000;
+ }
+
+ server {
+ # Unable to find a host match, enter here
+ listen 80 default_server;
+ return 444; # Malformed request, send back nginx custom return code
+ }
+
+ server {
+ listen 8443 ssl;
+ client_max_body_size 4G;
+
+ ssl_certificate /etc/ssl/ctfd.crt;
+ ssl_certificate_key /etc/ssl/ctfd.key;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+ # Handle Server Sent Events for Notifications
+ location /events {
+
+ proxy_pass http://app_servers;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $host;
+ }
+
+ # Proxy connections to the application servers
+ location / {
+
+ proxy_pass http://app_servers;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $host;
+ }
+ }
+
+ # Redirect all HTTP requests to HTTPS
+ server {
+ listen 80;
+ return 301 https://$hostname$request_uri;
+ }
+}
diff --git a/task.md b/task.md
new file mode 100644
index 0000000..f60da56
--- /dev/null
+++ b/task.md
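Review bot: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` in the 8443 server block still offers TLS 1.0 and 1.1, both deprecated by RFC 8996; `ssl_protocols TLSv1.2 TLSv1.3;` is the safer line, provided the nginx build in use supports TLS 1.3. The redirect block at the end of http.conf has no `server_name`, so a request that carries a Host header is answered by the `default_server` block with 444 and never reaches the 301. `$hostname` in that block is the machine's name (in Docker, presumably the container's) rather than the requested host; `server_name sachackctf.cisnet;` with `return 301 https://$host$request_uri;` would match the URL given in task.md. The redirect also targets the default HTTPS port while TLS listens on 8443, so it relies on a port mapping that is not visible in this diff.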
@@ -0,0 +1,21 @@
+# Project
+Get the latest version of CTFD to work with a self-signed SSL cert with url https://sachackctf.cisnet
+
+## Requirements
+- VMWare hardware version 13 max
+- [Ubuntu 20 server](https://releases.ubuntu.com/20.04/ )
+- [CTFd 3.4.0](https://github.com/CTFd/CTFd)
+
+## Deliverables
+Which configurations need modifications, scripting, and other setup to permit SSL to work with CTFd 3.4.0
+
+## Additional Notes
+- Old configuration worked on ctfd 1.X, but 3.x changed the underlying framework and configuration files and our original configs no longer worked.
+- Poor documentation on how to setup SSL with ctfd.io
+
+## Task Notes
+
+- Using Docker version 20.10.8, build 3967b7d
+- NGINX Proxy is configured to run over the gunicorn worker for flask
+- Nginx configuration significantly modified as well as the docker-compose.yml to permit SSL
+- A script has been added "Gen-Certs.sh" that generates required self-signed keys for SSL