In this instruction You can find some pattern to replace:
- $DOMAIN - domain that you want to change
-
$MYSQL_ROOT_PASSWORD$ - password for MySQLroot
user
sudo apt-get install git
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get install php7.1-fpm php7.1-mysql php7.1-xml php7.1-mbstring php7.1-curl
sudo apt-get install mysql-server
Open nano /etc/mysql/my.cnf
, then find
bind-address = 127.0.0.1
and replace to
bind-address = 0.0.0.0
Then create user with login root@%
:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD$' WITH GRANT OPTION;
Then restart server by executing next command
sudo service mysql restart
Install nginx
sudo apt-get install nginx
Create template for letsencrypt
sudo mkdir /etc/nginx/template/
sudo touch /etc/nginx/template/letsencrypt.conf
With that content:
location ~ ^/(.well-known) {
allow all;
root /opt/cert;
break;
}
sudo nano /etc/php/7.1/fpm/php.ini
Find cgi.fix_pathinfo
. This will be commented out with a semi-colon (;) and set to "1" by default.
Change it to
cgi.fix_pathinfo=0
Also you can config any other staff If you want Save and close the file when you are finished.
Rename /etc/php/7.1/fpm/pool.d/www.conf
to /etc/php/7.1/fpm/pool.d/$DOMAIN$.conf
(It's highly recommend to keep different sites in different pools)
Then
sudo nano /etc/php/7.1/fpm/pool.d/$DOMAIN$.conf
Change listen
parameter to
/run/php/$DOMAIN$.sock
Then save the file and execute
sudo service php7.1-fpm restart
PHP is ready to accept requests
Create new file with config in nginx
folder
sudo touch /etc/nginx/sites-available/000-$DOMAIN$.conf
and past content of the Server config
section below.
Then you need to create symlink to this file from /etc/nginx/sites-available/
folder
ln -s /etc/nginx/sites-available/000-$DOMAIN$.com /etc/nginx/sites-enabled/000-$DOMAIN$.com
Note: if you will have more then one site on this machine, it's recommended to increment 000 for each new site.
Restart Nginx
sudo service nginx restart
Run this commands
cd /usr/local/sbin
sudo wget https://dl.eff.org/certbot-auto
sudo chmod a+x /usr/local/sbin/certbot-auto
Create /opt/cert
folder
sudo mkdir /opt/cert
Incresing security of your SSL connection
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
Execeute this command. you can add -d DOMAIN_NAME
parameters to issue certificate for many domains
sudo certbot-auto certonly -a webroot --webroot-path=/opt/cert -d $DOMAIN$ -d www.$DOMAIN$
Open sudo nano /etc/nginx/sites-available/000-$DOMAIN$.conf
and uncomment lines:
ssl_certificate /etc/letsencrypt/live/$DOMAIN$/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$DOMAIN$/privkey.pem;
And restart Nginx
sudo service nginx restart