Last active
May 20, 2025 15:54
-
-
Save rorens05/8e5bbb87a5383588488bd7fba1ffe559 to your computer and use it in GitHub Desktop.
NGINX Setup and SSL Installation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# install nginx | |
sudo apt-get install -y nginx-extras | |
# install generator | |
sudo apt install certbot python3-certbot-nginx |
To install NGINX
sudo apt-get install -y nginx-extras
For apache
sudo apt install certbot python3-certbot-apache
Create config file
sudo nano /etc/apache2/sites-enabled/support.tekteach.com.conf
Initial Config
<VirtualHost *:80>
ServerName support.tekteach.com
ServerAlias support.tekteach.com
ServerAdmin admin@example.com
DocumentRoot /var/www/osTicket/upload
<Directory /var/www/osTicket/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/osticket_error.log
CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
</VirtualHost>
Generate SSL
sudo certbot --apache
this is required for actioncable to work (Force SSL)
location /cable {
proxy_pass http://localhost:3000/cable;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 60s;
proxy_set_header X-Forwarded-Proto https;
}
Full Config
server {
server_name bytelift.ph;
location /cable {
proxy_pass http://localhost:3000/cable;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 60s;
proxy_set_header X-Forwarded-Proto https;
}
location / {
proxy_pass http://localhost:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
client_max_body_size 500M;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/bytelift.ph/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/bytelift.ph/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = bytelift.ph) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name bytelift.ph;
return 404; # managed by Certbot
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 60s;
proxy_set_header X-Forwarded-Proto https;
for react
server {
listen 80;
server_name webstore-prod.rorens.com;
root /var/www/skin-station-webstore-react/dist;
index index.html;
location / {
try_files $uri /index.html;
}
client_max_body_size 500M;
}
Setup the permissions
sudo chown -R www-data:www-data /var/www/skin-station-webstore-react
sudo find /var/www/skin-station-webstore-react -type d -exec chmod 755 {} \;
sudo find /var/www/skin-station-webstore-react -type f -exec chmod 644 {} \;
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sample config file once SSL is installed