Skip to content

Commit

Permalink
Add Let's Encrypt instructions
Browse files Browse the repository at this point in the history
  • Loading branch information
A5hleyRich authored Apr 12, 2019
1 parent 40230f4 commit d9e59ef
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions docs/misc/NGINX.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,37 @@ server {
}
```

If you wish to protect your site using a [Let's Encrypt](https://letsencrypt.org/) HTTPS certificate, you can do so using the [Certbot webroot plugin](https://certbot.eff.org/docs/using.html#webroot). Your `/etc/nginx/sites-enabled/yourfathom.com` file should be updated accordingly:

```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name yourfathom.com;
ssl_certificate /path/to/your/fullchain.pem;
ssl_certificate_key /path/to/your/privkey.pem;
location /.well-known {
alias /var/www/yourfathom.com/.well-known;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:9000;
}
}
```

The `alias` directive should point to the location where your `--webroot-path` is specified when generating the certificate (with `/.well-known` appended).

```
certbot certonly --webroot --webroot-path /var/www/yourfathom.com -d yourfathom.com
```

### Test NGINX configuration
```
sudo nginx -t
Expand Down

0 comments on commit d9e59ef

Please sign in to comment.