Last active
February 15, 2023 04:44
-
-
Save rorens05/8e5bbb87a5383588488bd7fba1ffe559 to your computer and use it in GitHub Desktop.
NGINX Setup and SSL Installation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# install nginx | |
sudo apt-get install -y nginx-extras | |
# install generator | |
sudo apt install certbot python3-certbot-nginx |
Sample config file once SSL is installed
server {
server_name gislingayen.com;
location /cable {
proxy_pass http://localhost:6000/cable;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://localhost:6000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
client_max_body_size 100M;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/gislingayen.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/gislingayen.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = gislingayen.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name gislingayen.com;
return 404; # managed by Certbot
}
To install NGINX
sudo apt-get install -y nginx-extras
For apache
sudo apt install certbot python3-certbot-apache
Create config file
sudo nano /etc/apache2/sites-enabled/support.tekteach.com.conf
Initial Config
<VirtualHost *:80>
ServerName support.tekteach.com
ServerAlias support.tekteach.com
ServerAdmin admin@example.com
DocumentRoot /var/www/osTicket/upload
<Directory /var/www/osTicket/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/osticket_error.log
CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
</VirtualHost>
Generate SSL
sudo certbot --apache
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Create config file
nano /etc/nginx/sites-enabled/[domain]
Note: Nginx config file name should be the same name as the domain
Sample config file
Generate Certificate
sudo certbot --nginx -d [domain] -d [other_domain]
verify autoupdate
sudo systemctl status certbot.timer
Verify NGINX config is correct
sudo nginx -t
Restart NGINX
sudo service nginx restart