Requirements
Installation
sudo pkg install py35-certbot
Configuration
sudo certbot certonly --noninteractive --email mvoortman@pointpark.edu --agree-tos \
--webroot --webroot-path /home/mvoortman/www \
--domain mvoortman.it.pointpark.edu
You have to replace all the usernames with your own.
Make the following changes in this file using sudo ee /usr/local/etc/nginx/nginx.conf:
...
http {
...
# new server section to redirect all traffic to https
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
# this is the original server section now using https
server {
# comment or remove the next line
#listen 80;
# now enable https
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/etc/letsencrypt/live/mvoortman.it.pointpark.edu/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/mvoortman.it.pointpark.edu/privkey.pem;
ssl_trusted_certificate /usr/local/etc/letsencrypt/live/mvoortman.it.pointpark.edu/chain.pem;
...
}
...
}
And restart nginx:
sudo service nginx restart
Open the crontab with sudo ee /etc/crontab and add the following line to automatically renew the certificates:
13 3 * * * root /usr/local/bin/certbot renew --post-hook "service nginx restart"
If you want to proxy a project to node you can use the following few lines:
...
http {
...
server {
...
location /project/ {
proxy_pass http://127.0.0.1:3000/;
}
...
}
...
}