Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
reverse_proxy_guide [2019/02/15 18:47]
warmachine created 		reverse_proxy_guide [2019/03/28 18:26] (current)
warmachine
Line 2: Line 2:
  
 =====Install Nginx====== =====Install Nginx======
-sudo apt-get install nginx+<code>sudo apt-get install nginx</code>
  
 =====Requesting your initial certificate from Let's Encrypt===== =====Requesting your initial certificate from Let's Encrypt=====
Line 25: Line 25:
  
  
-Activate host1 with Symbolic Link+=====Activate host1 with Symbolic Link=====
  
 <code>ln -s /etc/nginx/sites-available/host1 /etc/nginx/sites-enabled/host1 <code>ln -s /etc/nginx/sites-available/host1 /etc/nginx/sites-enabled/host1
 service nginx restart</code> service nginx restart</code>
  
-Install Certbot+=====Install Certbot=====
  
 <code>wget https://dl.eff.org/certbot-auto <code>wget https://dl.eff.org/certbot-auto
Line 36: Line 36:
 ./certbot-auto --help</code> ./certbot-auto --help</code>
  
-Create the directory for the Acme Challange+=====Create the directory for the Acme Challenge=====
  
 <code>mkdir /var/www/sub.domain.com/</code> <code>mkdir /var/www/sub.domain.com/</code>
  
-Issue the certificate+=====Issue the certificate=====
  
-**(Make sure you are in the directory where you installed Certbot)**+<color #ed1c24>(Make sure you are in the directory where you installed Certbot)\\ 
 +**(typically: /opt/eff.org/certbot/venv/local/bin/)**</color>
  
 <code>./certbot-auto certonly --webroot -w /var/www/sub.domain.com/ -d sub.domain.com</code> <code>./certbot-auto certonly --webroot -w /var/www/sub.domain.com/ -d sub.domain.com</code>
Line 50: Line 51:
 <code>/etc/letsencrypt/live/sub.domain.com/</code> <code>/etc/letsencrypt/live/sub.domain.com/</code>
  
-Configuring nginx to use your certificate+=====Configuring nginx to use your certificate=====
  
 **(Please Modify sub.domain.com to your domain)** **(Please Modify sub.domain.com to your domain)**
Line 56: Line 57:
 <code>nano /etc/nginx/sites-available/host1</code> <code>nano /etc/nginx/sites-available/host1</code>
  
-Add both the HTTPS redirect and the SSL pathes+=====Add both the HTTPS redirect and the SSL pathes=====
  
 **(Replace Proxy Pass Address with the exact URL IP + Port used internally to reach the server via http)** **(Replace Proxy Pass Address with the exact URL IP + Port used internally to reach the server via http)**
Line 91: Line 92:
 Continue as needed for however many hosts/subdomains you want to Proxy for. Continue as needed for however many hosts/subdomains you want to Proxy for.
  
-Set up autorenewal for Certificates:+=====Set up autorenewal for Certificates:=====
  
 <code>nano /etc/crontab</code> <code>nano /etc/crontab</code>
  
-Add the following line+=====Add the following line=====
  
 **(Replace folder with the location of your certbot-auto script)** **(Replace folder with the location of your certbot-auto script)**
  
 <code>47 4    * * *   root    /folder/certbot-auto renew --quiet --renew-hook "service nginx reload"</code> <code>47 4    * * *   root    /folder/certbot-auto renew --quiet --renew-hook "service nginx reload"</code>
Last modified: le 2019/02/15 18:47

Page Tools