From cad33daa5f8f54520aae5a5658eec4b946af5c28 Mon Sep 17 00:00:00 2001
From: Linden Crandall
Date: Fri, 7 Feb 2025 18:49:04 +0000
Subject: [PATCH] Update Production HTTPS Setup
---
 Production-HTTPS-Setup.md | 33 ++++++++++++++++++++++++++-------
 1 file changed, 26 insertions(+), 7 deletions(-)
diff --git a/Production-HTTPS-Setup.md b/Production-HTTPS-Setup.md
index 56e5216..038c960 100644
--- a/Production-HTTPS-Setup.md
+++ b/Production-HTTPS-Setup.md
@@ -8,7 +8,7 @@
 - main
 restart: unless-stopped
 volumes:
- - ./https/nginx/automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
+ - ./https/nginx/initial_automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
 - ./certbot/conf:/etc/letsencrypt
 - ./certbot/www:/var/www/certbot
 ports:
@@ -47,8 +47,27 @@ SSL_CERT_EMAIL=support@shilohcode.com
 ```
 - Run `sudo docker compose up` to generate SSL cert
 - There should be a new /certbot folder created at the project root, and the cert and key `.pem` files should be created at `/etc/letsencrypt/live`
-- After this completes, stop the containers `ctrl+c` and edit the `/https/nginx/automatisch_letsencrypt_nginx.conf` file to use the new SSL certs. Copy the configs in `/https/nginx/temp.conf` and overwrite `/https/nginx/automatisch_letsencrypt_nginx.conf`. It should look like this (using staging as an example):
+- After this completes, stop the containers `ctrl+c` and change the `nginx` service's `initial_automatisch_letsencrypt_nginx.conf` volume to `secondary_automatisch_letsencrypt_nginx.conf` which has the nginx configs for https/SSL:
 ```
+ nginx:
+ image: nginx:latest
+ depends_on:
+ - main
+ restart: unless-stopped
+ volumes:
+ - ./https/nginx/initial_automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/
+ - ./certbot/conf:/etc/letsencrypt
+ - ./certbot/www:/var/www/certbot
+ ports:
+ - ${PORT}:${PORT}
+ - 443:443
+```
+
+- secondary_automatisch_letsencrypt_nginx.conf:
+```
+# nginx conf file to use after LetsEncrypt SSL certs have been created
+# replace with your DNS i.e.automatisch.lasthourhosting.org
+
 events {
 worker_connections 1024;
 }
@@ -57,7 +76,7 @@ http {
 server {
 listen 7757;
- server_name automatisch.lasthourhosting.org;
+ server_name ;
 location ~ /.well-known/acme-challenge/ {
 root /var/www/certbot;
@@ -69,13 +88,13 @@ http {
 server {
 listen 443 ssl http2; # use ssl letsencrypt certs
- ssl_certificate /etc/letsencrypt/live/automatisch.lasthourhosting.org/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/automatisch.lasthourhosting.org/privkey.pem;
- server_name automatisch.lasthourhosting.org;
+ ssl_certificate /etc/letsencrypt/live//fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live//privkey.pem;
+ server_name ;
 location / {
- proxy_pass http://automatisch.lasthourhosting.org:7757/;
+ proxy_pass http://:7757/;
 }
 location ~ /.well-known/acme-challenge/ {