Skip to content

Instantly share code, notes, and snippets.

@LolWalid

LolWalid/certbot.md

Created June 11, 2019 12:44
Show Gist options
  • Save LolWalid/86a5fc454c45d91a281d97b3d71c3fde to your computer and use it in GitHub Desktop.
Save LolWalid/86a5fc454c45d91a281d97b3d71c3fde to your computer and use it in GitHub Desktop.
Download ZIP
Rails, passenger, nginx setup Let's Encrypt
Raw
certbot.md

Generate certificate

certbot --nginx certonly

Edit nginx config

server {
    rails_env    production;
    listen 443 ssl; # managed by Certbot
    ssl    on;
    
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    server_name        sub.domain.com;
    passenger_enabled on;
    root /home/rails/my-project/current/public;
}

Add autorenewal cron

First dry run

certbot renew --dry-run --nginx-server-root /opt/nginx/conf --nginx-ctl /opt/nginx/sbin/nginx

Add the cron

0 */12 * * * certbot renew --nginx-server-root /opt/nginx/conf --nginx-ctl /opt/nginx/sbin/nginx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment