kirykr/SSL free using Let's encrypt for Nginx Ubuntu 16

## default
client_max_body_size 30M;

server {
    listen      80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
  listen  443;
  server_name _;

  ssl   on;
  ssl_certificate     /etc/letsencrypt/live/www.cam-sport-training-center.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/www.cam-sport-training-center.com/privkey.pem;

  root /var/www/your-site-dir/current/public;

  location / {
    passenger_enabled on;
    rails_env staging;
  }

  location ~ \.(js|css|png|jpg|jpeg|gif|ico|html)$ {
    expires max;
    gzip_static on;
    add_header Cache-Control public;
    break;
  }

  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  # Drop requests to non-rails requests
  location ~ \.(aspx|php|jsp|cgi|asp) {
    return 410;
   }
}

## gistfile1.txt
go to `https://letsencrypt.org/getting-started/` read the doc
go to https://certbot.eff.org and select server platform you're using

** Install
```
  $ sudo apt-get update
  $ sudo apt-get install software-properties-common
  $ sudo add-apt-repository universe
  $ sudo add-apt-repository ppa:certbot/certbot
  $ sudo apt-get update
  $ sudo apt-get install python-certbot-nginx
  $ pip install certbot-dns-route53 --user
```
install and configure aws cli in the sever
go to EC2 and allow inbounce traffic in Security group for HTTPS
`sudo certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -i nginx -d www.example.com -d example.com`


---
Ref: https://letsencrypt.org/getting-started/
     https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx
     https://docs.aws.amazon.com/cli/latest/userguide/cli-install-macos.html#awscli-install-osx-path

## SSL free using Let's encrypt for Nginx Ubuntu 16
First
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update

Install and configure aws cli in the sever

Install certbot-auto

user@webserver:~$ wget https://dl.eff.org/certbot-auto
user@webserver:~$ chmod a+x ./certbot-auto
user@webserver:~$ ./certbot-auto --help
$ ./certbot-auto plugins
$ sudo apt-get install certbot python-certbot-nginx

Run
sudo certbot certonly --dns-route53 -i apache -d "*.example.com" -d example.com

ln -s /etc/letsencrypt/live/romchong.com/fullchain.pem /opt/bitnami/apache2/conf/server.crt
ln -s /etc/letsencrypt/live/romchong.com/privkey.pem /opt/bitnami/apache2/conf/server.key

Edit
vim /opt/bitnami/apps/wordpress/htdocs/wp-config.php
Add to the very bottom of the file the following:
define('WP_ENCRYPT_SSL_CERTIFICATES_DIR_PATH', '/etc/letsencrypt/live');

Edit
vim /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf
Add to the top of the file the following:

```
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
```
	client_max_body_size 30M;

	server {
	listen 80 default_server;
	server_name _;
	return 301 https://$host$request_uri;
	}

	server {
	listen 443;
	server_name _;

	ssl on;
	ssl_certificate /etc/letsencrypt/live/www.cam-sport-training-center.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/www.cam-sport-training-center.com/privkey.pem;

	root /var/www/your-site-dir/current/public;

	location / {
	passenger_enabled on;
	rails_env staging;
	}

	location ~ \.(js\|css\|png\|jpg\|jpeg\|gif\|ico\|html)$ {
	expires max;
	gzip_static on;
	add_header Cache-Control public;
	break;
	}

	location ^~ /assets/ {
	gzip_static on;
	expires max;
	add_header Cache-Control public;
	}

	# Drop requests to non-rails requests
	location ~ \.(aspx\|php\|jsp\|cgi\|asp) {
	return 410;
	}
	}
	go to `https://letsencrypt.org/getting-started/` read the doc
	go to https://certbot.eff.org and select server platform you're using

	** Install
	```
	$ sudo apt-get update
	$ sudo apt-get install software-properties-common
	$ sudo add-apt-repository universe
	$ sudo add-apt-repository ppa:certbot/certbot
	$ sudo apt-get update
	$ sudo apt-get install python-certbot-nginx
	$ pip install certbot-dns-route53 --user
	```
	install and configure aws cli in the sever
	go to EC2 and allow inbounce traffic in Security group for HTTPS
	`sudo certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -i nginx -d www.example.com -d example.com`



	---
	Ref: https://letsencrypt.org/getting-started/
	https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx
	https://docs.aws.amazon.com/cli/latest/userguide/cli-install-macos.html#awscli-install-osx-path
	First
	$ sudo apt-get update
	$ sudo apt-get install software-properties-common
	$ sudo add-apt-repository universe
	$ sudo add-apt-repository ppa:certbot/certbot
	$ sudo apt-get update

	Install and configure aws cli in the sever

	Install certbot-auto

	user@webserver:~$ wget https://dl.eff.org/certbot-auto
	user@webserver:~$ chmod a+x ./certbot-auto
	user@webserver:~$ ./certbot-auto --help
	$ ./certbot-auto plugins
	$ sudo apt-get install certbot python-certbot-nginx

	Run
	sudo certbot certonly --dns-route53 -i apache -d "*.example.com" -d example.com

	ln -s /etc/letsencrypt/live/romchong.com/fullchain.pem /opt/bitnami/apache2/conf/server.crt
	ln -s /etc/letsencrypt/live/romchong.com/privkey.pem /opt/bitnami/apache2/conf/server.key

	Edit
	vim /opt/bitnami/apps/wordpress/htdocs/wp-config.php
	Add to the very bottom of the file the following:
	define('WP_ENCRYPT_SSL_CERTIFICATES_DIR_PATH', '/etc/letsencrypt/live');

	Edit
	vim /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf
	Add to the top of the file the following:

	```
	RewriteEngine On
	RewriteCond %{HTTPS} !=on
	RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
	```