This commit is contained in:
@@ -216,10 +216,11 @@ sudo apt install nginx
|
||||
No need to adjust ufw firewall settings at all as am using digitalocean firewall
|
||||
|
||||
replaced default nginx site config file here /etc/nginx/sites-enabled/default
|
||||
with this configuration for initial testing:
|
||||
with this configuration for initial testing and no ssl or port 443 is required as certbot with nginx plugin will automatically fix that. Also if needed put www.domain in space after server name:
|
||||
server {
|
||||
listen 80;
|
||||
#server_name green.helloayanova.com *;
|
||||
|
||||
#server_name green.helloayanova.com;
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:7575;
|
||||
proxy_http_version 1.1;
|
||||
@@ -239,6 +240,61 @@ restart nginx to take effect
|
||||
systemctl restart nginx
|
||||
|
||||
Navigated to the ip address and it works properly but not ssl yet
|
||||
Also works with subdomain green.helloayanova.com so dns is active now
|
||||
|
||||
LETS ENCRYPT
|
||||
Install certbot
|
||||
apt install certbot python3-certbot-nginx
|
||||
|
||||
Edit default configuration file, uncomment server name (add www.green.helloayanova.com if had set it up in dns record but forgot to so just using green.helloayanova.com, put it all on same line space delimited)
|
||||
get certificate hopefully don't break other helloayanova.com domain stuff
|
||||
|
||||
sudo certbot --nginx -d green.helloayanova.com
|
||||
Accept prompts, accept to redirect to https, it will re-write the default config file to properly include the https ports and cert etc
|
||||
Here's what it produced:
|
||||
-------
|
||||
server {
|
||||
#listen 443 ssl default_server;
|
||||
#listen [::]:443 ssl default_server;
|
||||
|
||||
server_name green.helloayanova.com www.green.helloayanova.com;
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:7575;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_set_header Host $host;
|
||||
proxy_cache_bypass $http_upgrade;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
listen 443 ssl; # managed by Certbot
|
||||
ssl_certificate /etc/letsencrypt/live/green.helloayanova.com/fullchain.pem; # managed by Certbot
|
||||
ssl_certificate_key /etc/letsencrypt/live/green.helloayanova.com/privkey.pem; # managed by Certbot
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||
|
||||
}
|
||||
server {
|
||||
if ($host = green.helloayanova.com) {
|
||||
return 301 https://$host$request_uri;
|
||||
} # managed by Certbot
|
||||
|
||||
|
||||
listen 80;
|
||||
|
||||
server_name green.helloayanova.com www.green.helloayanova.com;
|
||||
return 404; # managed by Certbot
|
||||
|
||||
|
||||
}
|
||||
-----
|
||||
|
||||
Testing it out and works perfectly.
|
||||
|
||||
Rewrite these instructions for our own future hosting purposes.
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -303,7 +359,13 @@ useful for us to ref as well, should have done it long time ago.
|
||||
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
|
||||
██ ██ ███████ ██ ██████ ██ ██ ██ ██ ██ ████ ██████
|
||||
|
||||
|
||||
|
||||
|
||||
- 1 todo: on linux server test discovered lightbulb sample reports are coming up in listing first which is not what is expected
|
||||
- 1 todo: there are no default reports for any objects except a selected few, thought joyce was making a report for every object that's reportable
|
||||
will need to make a slew of default plain reports like customer etc
|
||||
|
||||
|
||||
|
||||
figure out a way to group by tags and also filter to only include tags that contain a string of text
|
||||
i.e. either run a report that groups by each tag found in *every* record
|
||||
|
||||
Reference in New Issue
Block a user