1 ssl

j edited this page 2023-07-02 12:57:13 +05:30

Table of Contents

• Using Let's encrypt to add ssl

Using Let's encrypt to add ssl

1. install simp_le in /opt/simp_le

 cd /opt
 git clone https://github.com/kuba/simp_le
 cd simp_le
 ./venv.sh

2. prepare nginx

add/edit vhost

server {
    listen   80;
    listen   [::]:80;
    server_name  ${domain} ~^video\d+\.${domain} media.${domain} www.${domain};
    location /.well-known/acme-challenge/ {
        root /srv/letsencrypt/;
        autoindex off;
    }
    if ($request_uri !~ "^/.well-known/acme-challenge/") {
          return 301 https://$host$request_uri;
    }
    access_log  /var/log/nginx/${domain}.access.log;
    error_log   /var/log/nginx/${domain}.error.log;
}

3. generate/update script update.sh:

#!/bin/bash
cd $(dirname $0)

function update {
    chown  root.ssl-cert key.pem 
    chmod 640 key.pem 
    service nginx reload
}

domain=$(basename $(pwd))
root=/srv/letsencrypt

subdomains="-d www.${domain} -d media.${domain}"
for i in `seq 0 41`; do
    subdomains="${subdomains} -d video${i}.${domain}"
done

/opt/simp_le/venv/bin/simp_le \
  -f account_key.json -f chain.pem -f cert.pem -f fullchain.pem -f key.pem \
  --email hostmaster@${domain} \
  -d ${domain} $subdomains --default_root $root && update

4. update nginx

tbd

5. add cronjob

tbd