Nginx + certbot mini howto and config
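#1: install nginx
#2: install certbot and follow the instructions to generate a certificate: https://certbot.eff.org/
#3: configure nginx with the content below (replace references to bytecode.no with your domain(s))
#4: add a cronjob as root:
0 1 */15 * * certbot renew >/dev/null 2>&1
#   note: the redirect discards all output, so a failed renewal goes unnoticed; keeping errors visible (for example `certbot renew --quiet`, which prints only errors) lets cron report them.
#   note: nginx loads the certificate only on start or reload, so check that a reload follows each renewal (for example via certbot's --deploy-hook).
#5: submit a request to be HSTS-preloaded in Chrome here: https://hstspreload.org/
#   note: the header below uses includeSubDomains, so preloading covers every subdomain and is slow to undo; confirm all subdomains serve HTTPS before submitting.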
# Plain-HTTP listener: serves no content, only redirects every request to HTTPS.
server {
    listen 80;
    listen [::]:80;
    server_name bytecode.no www.bytecode.no;

    # $host keeps the requested host name, so www and non-www each redirect to themselves.
    # NOTE(review): if this block also acts as the default server for port 80, $host can
    # carry an arbitrary Host header value into the redirect; confirm a separate
    # default_server exists.
    return 301 https://$host$request_uri;
}
# HTTPS site: static files from /var/www/html, certificate paths managed by Certbot.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name bytecode.no www.bytecode.no;

    # Certificate chain and private key; nginx reads them at start or reload.
    ssl_certificate /etc/letsencrypt/live/bytecode.no/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/bytecode.no/privkey.pem; # managed by Certbot

    # NOTE(review): no ssl_protocols / ssl_ciphers are set in this block, so the TLS
    # versions and ciphers offered come from the nginx defaults or an enclosing
    # context; confirm they match your policy.

    # HSTS for one year, covering all subdomains and marked for preload; "always"
    # sends the header on error responses as well.
    # A location block that declares its own add_header does not inherit this one.
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

    root /var/www/html;
    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html;

    location / {
        # Serve the URI as a file, then as a directory; anything else is a 404.
        try_files $uri $uri/ =404;
    }
}