Created
May 17, 2018 07:40
-
-
Save yann-yinn/ac68d308b2069982f898736a3d76d2f0 to your computer and use it in GitHub Desktop.
Nginx conf with automatically renewed ssl certificate (cerbot) for NodeJS or React app (or any static files
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # first install certbot and then run this command on your server | |
| # certbot certonly --authenticator standalone --pre-hook "nginx -s stop" --post-hook "nginx" | |
| # this will stop for a few seconds your nginx server and generate your Let's Encrypt ssl certificates, and configure | |
| # cron so that certificates are renewed automatically \o/ | |
| # now create your nginx conf for your nodejs app : | |
| # on port 80 (http), redirect to httpS (443) | |
| server { | |
| if ($host = www.your-domain.com) { | |
| return 301 https://$host$request_uri; | |
| } | |
| listen 80; | |
| server_name www.your-domain.com; | |
| return 404; # managed by Certbot | |
| } | |
| server { | |
| server_name www.your-domain.com; | |
| location / { | |
| # serve the node process running on port 3000 | |
| proxy_pass http://localhost:3000; | |
| } | |
| # use certificates managed by certbot | |
| listen 443 ssl; # managed by Certbot | |
| ssl_certificate /etc/letsencrypt/live/www.your-domain.com/fullchain.pem; # managed by Certbot | |
| ssl_certificate_key /etc/letsencrypt/live/www.your-domain.com/privkey.pem; # managed by Certbot | |
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@Goopil thx !