diff options
author | Renken <renken@shione.net> | 2023-12-24 23:44:41 +0100 |
---|---|---|
committer | Renken <renken@shione.net> | 2024-02-20 22:54:05 +0100 |
commit | 81b8b02ac9486a1e5248b56351712059faede632 (patch) | |
tree | f5567232ef1b4ed21787a2712a9e942aee0889e7 | |
parent | 5c25b1d0e778a2a5f20f6ce5b07e2ae272abf613 (diff) | |
download | shione-81b8b02ac9486a1e5248b56351712059faede632.tar.gz shione-81b8b02ac9486a1e5248b56351712059faede632.zip |
config, deploy: shione: nginx: enable https support
5 files changed, 13 insertions, 4 deletions
diff --git a/config/shione/nginx/debian/control b/config/shione/nginx/debian/control index 4b5b056..23693f4 100644 --- a/config/shione/nginx/debian/control +++ b/config/shione/nginx/debian/control @@ -9,7 +9,7 @@ Standards-Version: 4.1.0 Package: nginx-config Architecture: all Multi-Arch: foreign -Depends: ${misc:Depends}, nginx +Depends: ${misc:Depends}, nginx, certbot, python3-certbot-nginx Provides: ${diverted-files} Conflicts: ${diverted-files} Description: Shione nginx configuration. diff --git a/config/shione/nginx/files/etc/nginx/sites-available/shione.net b/config/shione/nginx/files/etc/nginx/sites-available/shione.net index 8dde59a..d35f0f8 100644 --- a/config/shione/nginx/files/etc/nginx/sites-available/shione.net +++ b/config/shione/nginx/files/etc/nginx/sites-available/shione.net @@ -24,8 +24,8 @@ server { # SSL configuration # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; + listen 443 ssl default_server; + listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 @@ -37,6 +37,11 @@ server { # Don't use them in a production server! # # include snippets/snakeoil.conf; + # managed by Certbot. + ssl_certificate /etc/letsencrypt/live/shione.net/fullchain.pem; + # managed by Certbot. + ssl_certificate_key /etc/letsencrypt/live/shione.net/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; root /var/www/html/www.shione.net; diff --git a/config/shione/nginx/files/etc/nginx/sites-enabled/homepage.conf b/config/shione/nginx/files/etc/nginx/sites-enabled/homepage.conf deleted file mode 120000 index 040f974..0000000 --- a/config/shione/nginx/files/etc/nginx/sites-enabled/homepage.conf +++ /dev/null @@ -1 +0,0 @@ -../sites-available/homepage.conf
\ No newline at end of file diff --git a/config/shione/nginx/files/etc/nginx/sites-enabled/shione.net b/config/shione/nginx/files/etc/nginx/sites-enabled/shione.net new file mode 120000 index 0000000..2c390bf --- /dev/null +++ b/config/shione/nginx/files/etc/nginx/sites-enabled/shione.net @@ -0,0 +1 @@ +../sites-available/shione.net
\ No newline at end of file diff --git a/deploy/shione/nginx/create_nginx_user.sh b/deploy/shione/nginx/create_nginx_user.sh index 8d5f13d..ebddaa5 100644 --- a/deploy/shione/nginx/create_nginx_user.sh +++ b/deploy/shione/nginx/create_nginx_user.sh @@ -3,3 +3,7 @@ set -eu adduser --system --no-create-home --verbose --debug nginx + +apt install nginx certbot python3-certbot-nginx + +certbot --nginx -d shione.net -d www.shione.net |