6543
/
certbot-scrypts
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

add current working nginx reverse config of dpsg-rott.de #1

New Issue
Open
opened 2019-08-03 21:56:43 +00:00 by 6543 · 2 comments
6543 commented 2019-08-03 21:56:43 +00:00
Owner
Copy Link
No description provided.
6543 commented 2019-08-03 22:41:43 +00:00
Author
Owner
Copy Link

~ # cat /etc/nginx/snippets/certbot.conf

location /.well-known/acme-challenge {
	root /var/www/certbot;
	default_type "text/plain";
}

~ # cat /etc/nginx/snippets/proxy_header.conf

proxy_set_header X-Real-IP  $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;

~ # cat /etc/nginx/snippets/ssl_options.conf

ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
#ssl_session_cache shared:SSL:50m;
ssl_dhparam /etc/ssl/nginx/dh4096.pem;
~ # cat /etc/nginx/snippets/certbot.conf ``` location /.well-known/acme-challenge { root /var/www/certbot; default_type "text/plain"; } ``` ~ # cat /etc/nginx/snippets/proxy_header.conf ``` proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; ``` ~ # cat /etc/nginx/snippets/ssl_options.conf ``` ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; ssl_prefer_server_ciphers on; #ssl_session_cache shared:SSL:50m; ssl_dhparam /etc/ssl/nginx/dh4096.pem; ```
6543 commented 2019-08-03 22:42:14 +00:00
Author
Owner
Copy Link

~ # cat /etc/nginx/sites-enabled/www.pfadfinder-rott.conf

server {
        listen 443 ssl http2;
        server_name pfadfinder-rott.de www.pfadfinder-rott.de;
        root /var/www/html;

        ssl_certificate /etc/letsencrypt/old/pfadfinder-rott.de/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/old/pfadfinder-rott.de/privkey.pem;
        include /etc/nginx/snippets/ssl_options.conf;

        include /etc/nginx/snippets/certbot.conf;

        location / {

		include /etc/nginx/snippets/proxy_header.conf;

		proxy_read_timeout    70;
		keepalive_timeout     70;
		send_timeout          70;
		client_max_body_size  2G;

		proxy_pass https://www.pfadfinder-rott;
	}   
}
~ # cat /etc/nginx/sites-enabled/www.pfadfinder-rott.conf ``` server { listen 443 ssl http2; server_name pfadfinder-rott.de www.pfadfinder-rott.de; root /var/www/html; ssl_certificate /etc/letsencrypt/old/pfadfinder-rott.de/fullchain.pem; ssl_certificate_key /etc/letsencrypt/old/pfadfinder-rott.de/privkey.pem; include /etc/nginx/snippets/ssl_options.conf; include /etc/nginx/snippets/certbot.conf; location / { include /etc/nginx/snippets/proxy_header.conf; proxy_read_timeout 70; keepalive_timeout 70; send_timeout 70; client_max_body_size 2G; proxy_pass https://www.pfadfinder-rott; } } ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: 6543/certbot-scrypts#1
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?