Fri, 31 Mar 2017 01:05:07 +0000
Abhinav Kushalnagar
Install a brand new version of Ubuntu Server 16.04 LTS  sudo apt-get update sudo apt-get install nginx -y Now nginx is installed. You can type in the IP address of the server to confirm. Create a new site in site-available for reverse proxy server Filename: myserver upstream myserver1 { # change the IP address and port as required server 192.168.1.100:80 fail_timeout=0; } server { listen 80; server_name myserver1.com; # replace this with your domain location / { proxy_pass http://myserver1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 180; proxy_send_timeout 180; proxy_read_timeout 180; } } Next you need to symlink these into /etc/nginx/sites-enabled and restart the server. cd ../sites-enabled ln -sf ../sites-available/myserver sudo service nginx restart Set up a webroot mkdir -p /var/www/ssl/myserver/.well-known # Create file we'll use later to test echo "I is awesome!" > /var/www/ssl/myserver/.well-known/test.html edit file /etc/nginx/sites-available/myserver (sudo nano) and add the new location. The final file will look like below: upstream myserver1 { # change the IP address and port as required server 192.168.1.100:80 fail_timeout=0; } server { listen 80; server_name myserver1.com; # replace this with your domain # Here we define the web-root for our SSL proof location /.well-known { # Note that a request for /.well-known/test.html will # look for /var/www/ssl/myserver/.well-known/test.html # and not /var/www/ssl/myserver/test.html root /var/www/ssl/myserver/; } location / { proxy_pass http://myserver1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 180; proxy_send_timeout 180; proxy_read_timeout 180; } } Restart nginx sudo service nginx restart Now install Certbot $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot Generate ssl $ certbot certonly --webroot -d example.com -d www.example.com For automatic renewing: certbot renew --dry-run Create directory to store the generated SSL certificates: $ sudo mkdir /etc/nginx/ssl $ sudo mkdir /etc/nginx/ssl/sitename Now enable 443 traffic into the site and remove .well-known by updating the sites-available file: upstream myserver1 { # change the IP address and port as required server 192.168.1.100:80 fail_timeout=0; } server { listen 80; listen 443 ssl; server_name myserver1.com; # replace this with your domain ssl on; ssl_certificate /etc/nginx/ssl/sitename.pem; ssl_certificate_key /etc/nginx/ssl/sitename-key.pem; location / { proxy_pass http://myserver1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 180; proxy_send_timeout 180; proxy_read_timeout 180; } }
 Back

Like on Facebook


 

Connect via LinkedIn


 

Sign Up for Newsletter

Sign up to receive our free newsletters!


We do not spam. We value your privacy!



Latest Pictures

    Recent Tweets

    Wanna Socialize?