indywidualny · January 30, 2017 00:20
diff --git a/commands.sh b/commands.sh
 vim /etc/nginx/nginx.conf

 ...
 server {
    ...
    location ^~ /.well-known/acme-challenge/ {
        allow all;
        default_type "text/plain";
    }
    ...
 }
 ...


 certbot certonly --webroot -w /usr/share/nginx/html -d example.com
 certbot renew --dry-run 


 crontab -e

 # at 2:30 AM every day
 30 2 * * * certbot renew --quiet && /usr/sbin/nginx -s reload


 vim /etc/nginx/nginx.conf

 ...
 server {
    listen   80;
    listen   [::]:80;
    listen   443 default_server ssl;

    server_name example.com;

    ssl_certificate      /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/example.com/privkey.pem;

    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }

    ...

    location ^~ /.well-known/acme-challenge/ {
        allow all;
        default_type "text/plain";
    }
 }
 ...
	vim /etc/nginx/nginx.conf

	...
	server {
	...
	location ^~ /.well-known/acme-challenge/ {
	allow all;
	default_type "text/plain";
	}
	...
	}
	...


	certbot certonly --webroot -w /usr/share/nginx/html -d example.com
	certbot renew --dry-run


	crontab -e

	# at 2:30 AM every day
	30 2 * * * certbot renew --quiet && /usr/sbin/nginx -s reload


	vim /etc/nginx/nginx.conf

	...
	server {
	listen 80;
	listen [::]:80;
	listen 443 default_server ssl;

	server_name example.com;

	ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

	if ($scheme = http) {
	return 301 https://$server_name$request_uri;
	}

	...

	location ^~ /.well-known/acme-challenge/ {
	allow all;
	default_type "text/plain";
	}
	}
	...