Last active
September 30, 2017 17:01
-
-
Save DreamerKlim/0b335bb81e8d0370e1197a061f531aaa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/// Установка letsencrypt | |
sudo apt install letsencrypt | |
/// Создаем каталог верификации Let’s Encrypt | |
sudo mkdir /var/www/ВАШ.ДОМЕН.РУ/ | |
/// Меняем владельца каталога | |
sudo chown www-data:www-data /var/www/ВАШ.ДОМЕН.РУ/ -R | |
/// Добавлем директиву в ранее созданный файл /etc/nginx/conf.d/rslsync.conf придавая ему такой вид | |
sudo nano /etc/nginx/conf.d/rslsync.conf | |
------------------- | |
server { | |
listen 80; | |
server_name ВАШ.ДОМЕН.РУ; | |
access_log /var/log/nginx/ВАШ.ДОМЕН.РУ.log; | |
location / { | |
proxy_pass http://127.0.0.1:8888; | |
} | |
location ~ /.well-known/acme-challenge { | |
root /var/www/ВАШ.ДОМЕН.РУ/; | |
allow all; | |
} | |
} | |
---------------------- | |
/// Перезагрузим nginx | |
sudo systemctl reload nginx | |
/// Выполняем следующую команду для получения сертификата | |
sudo letsencrypt certonly --webroot --agree-tos --email ВАШЕ@МЫЛО -d ВАШ.ДОМЕН.РУ -w /var/www/ВАШ.ДОМЕН.РУ/ | |
/// Ждем пару секунд и получаем положительный ответ: | |
IMPORTANT NOTES: | |
- Congratulations! Your certificate and chain have been saved at | |
/etc/letsencrypt/live/ВАШ.ДОМЕН.РУ/fullchain.pem. Your cert | |
will expire ... | |
/// Опять редактируем /etc/nginx/conf.d/rslsync.conf придавая такой вид | |
sudo nano /etc/nginx/conf.d/rslsync.conf | |
------------------------------------------------- | |
server { | |
listen 80; | |
server_name ВАШ.ДОМЕН.РУ; | |
return 301 https://$server_name$request_uri; | |
} | |
server { | |
listen 443 ssl http2; | |
server_name ВАШ.ДОМЕН.РУ; | |
ssl_protocols TLSv1.1 TLSv1.2; | |
ssl_certificate /etc/letsencrypt/live/ВАШ.ДОМЕН.РУ/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/ВАШ.ДОМЕН.РУ/privkey.pem; | |
access_log /var/log/nginx/ВАШ.ДОМЕН.РУ.log; | |
location / { | |
proxy_pass http://127.0.0.1:8888; | |
} | |
location ~ /.well-known/acme-challenge { | |
root /var/www/ВАШ.ДОМЕН.РУ/; | |
allow all; | |
} | |
} | |
------------------------------------------------------ | |
///Тестируем и перезагружаем nginx | |
sudo nginx -t | |
sudo systemctl reload nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment