Update Production HTTPS Setup

2025-02-07 18:49:04 +00:00 · 2025-02-07 18:49:04 +00:00 · cad33daa5f
commit cad33daa5f
parent 3da66339c9
1 changed files with 26 additions and 7 deletions
--- a/Production-HTTPS-Setup.md
+++ b/Production-HTTPS-Setup.md
@ -8,7 +8,7 @@
      - main      
    restart: unless-stopped
    volumes:
-      - ./https/nginx/automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
+      - ./https/nginx/initial_automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    ports:
@ -47,8 +47,27 @@ SSL_CERT_EMAIL=support@shilohcode.com
 ```
 - Run `sudo docker compose up` to generate SSL cert
 - There should be a new /certbot folder created at the project root, and the cert and key `.pem` files should be created at `/etc/letsencrypt/live`
- After this completes, stop the containers `ctrl+c` and edit the `/https/nginx/automatisch_letsencrypt_nginx.conf` file to use the new SSL certs. Copy the configs in `/https/nginx/temp.conf` and overwrite `/https/nginx/automatisch_letsencrypt_nginx.conf`. It should look like this (using staging as an example):
+- After this completes, stop the containers `ctrl+c` and change the `nginx` service's `initial_automatisch_letsencrypt_nginx.conf` volume to `secondary_automatisch_letsencrypt_nginx.conf` which has the nginx configs for https/SSL:
 ```
+  nginx:
+    image: nginx:latest
+    depends_on:
+      - main      
+    restart: unless-stopped
+    volumes:
+      - ./https/nginx/initial_automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
+      - ./certbot/conf:/etc/letsencrypt
+      - ./certbot/www:/var/www/certbot
+    ports:
+      - ${PORT}:${PORT}
+      - 443:443
+```
+
+- secondary_automatisch_letsencrypt_nginx.conf:
+```
+# nginx conf file to use after LetsEncrypt SSL certs have been created
+# replace<HOSTNAME> with your DNS i.e.automatisch.lasthourhosting.org
+
 events {
    worker_connections  1024;
 }
@ -57,7 +76,7 @@ http {
    
    server {
        listen 7757;
-        server_name automatisch.lasthourhosting.org;
+        server_name <HOSTNAME>;

        location ~ /.well-known/acme-challenge/ {
            root /var/www/certbot;
@ -69,13 +88,13 @@ http {
    server {
        listen 443 ssl http2;
        # use ssl letsencrypt certs
-        ssl_certificate      /etc/letsencrypt/live/automatisch.lasthourhosting.org/fullchain.pem;
-        ssl_certificate_key  /etc/letsencrypt/live/automatisch.lasthourhosting.org/privkey.pem;
-        server_name automatisch.lasthourhosting.org;
+        ssl_certificate      /etc/letsencrypt/live/<HOSTNAME>/fullchain.pem;
+        ssl_certificate_key  /etc/letsencrypt/live/<HOSTNAME>/privkey.pem;
+        server_name <HOSTNAME>;


        location / {
-            proxy_pass http://automatisch.lasthourhosting.org:7757/;
+            proxy_pass http://<HOSTNAME>:7757/;
        }               

        location ~ /.well-known/acme-challenge/ {