Created
November 22, 2016 01:04
-
-
Save blueplanet/60b1f1a20d7e7ad47d7e5e65771029f3 to your computer and use it in GitHub Desktop.
Heroku で Let's Encrypt 無料証明書を使う(自動更新あり) ref: http://qiita.com/blueplanet/items/b85634a0ced219e9ebe7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gem 'platform-api', github: 'jalada/platform-api', branch: 'master' | |
| gem 'letsencrypt-rails-heroku', group: 'production' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ heroku plugins:install heroku-cli-oauth | |
| $ heroku authorizations:create -d "LetsEncrypt" | |
| Created OAuth authorization. | |
| ID: <heroku-client-id> | |
| Description: LetsEncrypt | |
| Scope: global | |
| Token: <heroku-token> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| heroku config:add ACME_DOMAIN=example.com,www.example.com [email protected] HEROKU_APP=you_app_name HEROKU_TOKEN=上記で作成したtoken |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| heroku run rake letsencrypt:renew |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 毎月の1日が更新する | |
| if [ "$(date +%d)" = 01 ]; then rake letsencrypt:renew; fi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # application_controller.rb に追加 | |
| force_ssl if: :force_ssl? | |
| private | |
| def force_ssl? | |
| not request.path =~ /^.well-known\/acme-challenge/ | |
| end |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/environments/production.rb | |
| config.force_ssl = true | |
| config.ssl_options = { redirect: { exclude: -> request { request.path =~ /^.well-known\/acme-challenge/ } } } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rails.application.configure do | |
| ... | |
| config.middleware.use Letsencrypt::Middleware | |
| ... | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment