- add certbot description

Arno Kaimbacher 2020-07-14 18:40:56 +02:00
parent 568ee87397
commit 329e9e841b
3 changed files with 37 additions and 3 deletions

22
Home.md

@ -54,6 +54,10 @@ DB_PASSWORD=new_password_here
DB_SCHEMA=gba DB_SCHEMA=gba
``` ```
`.env` - Environment variables can be set in this file
***Note*** : You can quickly set the database information, the solr connection string and other variables in this file and have the application fully working.
Save and close the file and generate a new application key Save and close the file and generate a new application key
`php artisan key:generate` `php artisan key:generate`
@ -83,7 +87,7 @@ stop the service:
## Nginx Configuration ## Nginx Configuration
sudo nano /etc/nginx/sites-available/tethys-app `sudo nano /etc/nginx/sites-available/tethys-app`
**http-only configuration:** **http-only configuration:**
@ -130,7 +134,7 @@ server {
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
listen 443 ssl http2; listen 443 ssl http2;
server_name localhost; server_name localhost;
root /var/www/repository.geologie.ac.at/public/; root /var/www/tethys-app/public/;
client_max_body_size 100M; client_max_body_size 100M;
index index.html index.htm index.php; index index.html index.htm index.php;
@ -186,3 +190,17 @@ if everything is successful, reload updated nginx configuration:\
`sudo service nginx reload` `sudo service nginx reload`
The website is available at the following link: <http://localhost:80> The website is available at the following link: <http://localhost:80>
## Requesting https-certificate
`sudo certbot certonly --nginx --webroot-path=/var/www/tethys-app/ -d www.your_domain.at -d your_domain.at`
Adapt the settings 'ssl_certificate' and 'ssl_certificate_key' in the following file /etc/nginx/sites-available/tethys-app:\
`sudo nano /etc/nginx/sites-available/tethys-app`
```nginx
ssl_certificate /etc/letsencrypt/live/www.your_domain.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.your_domain.at/privkey.pem;
```
Certbot will autmatically renew outdated certificates. Sytemd services 'cerbot.service' and 'certbot.timer' are checking twice daily whether certificates have been expired.

@ -1,4 +1,4 @@
## Install PostgreSQL # Install PostgreSQL
`sudo apt install postgresql postgresql-contrib` `sudo apt install postgresql postgresql-contrib`

@ -114,3 +114,19 @@ Test your installation:\
+ test java installation:\ + test java installation:\
`java -version` `java -version`
## Installation certbot for https-certificate
+ add cerbot repository:\
`sudo add-apt-repository ppa:certbot/certbot`\
`sudo apt update`
+ install cerbot:\
`sudo apt install certbot`
+ response:\
The following NEW packages will be installed:\
certbot python3-acme python3-certbot python3-configargparse\
python3-configobj python3-future python3-icu python3-josepy python3-mock\
python3-ndg-httpsclient python3-parsedatetime python3-pbr\
python3-requests-toolbelt python3-rfc3339 python3-tz python3-zope.component\
python3-zope.event python3-zope.hookable python3-zope.interface\
0 upgraded, 19 newly installed, 0 to remove and 0 not upgraded.