From b97c8bb9452b393c8afc007e0512e8a14bfedb74 Mon Sep 17 00:00:00 2001 From: Zack Date: Sat, 13 Feb 2016 20:22:37 -0500 Subject: [PATCH 1/5] Create README.md Former-commit-id: 6ea0d59fccb3fa341ffd0cd90c75672f7cf80ef9 [formerly d4ed70bde4f0ca9c490b0ffa7e5caa09f673f468] [formerly 8867ae8d724359b3f3beab2e6d3039de38de223f [formerly 3296bdb20ebe37fb0747d9b349bdaa95accd2258 [formerly 17c99343fcff78e577ffd287bb65007b82b636b9]]] Former-commit-id: 14bdf63360f7b0f5a958af1dd36fcba9171de4c8 [formerly 661dc438bb508e5367c5c7afd5aa21e42b314997] Former-commit-id: cb37176a827262c5e213d7795b4b9db6c74dc889 Former-commit-id: c137f600225f117c8d2ea3e7c8424d0a2897e511 --- letsencrypt/README.md | 62 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 letsencrypt/README.md diff --git a/letsencrypt/README.md b/letsencrypt/README.md new file mode 100644 index 0000000..307568e --- /dev/null +++ b/letsencrypt/README.md @@ -0,0 +1,62 @@ +To use letsencrypt follow these steps: + +``` +git clone https://github.com/letsencrypt/letsencrypt +cd letsencrypt +sudo ./letsencrypt-auto certonly --standalone --email youremail@somewhere.com -d yourserver.com +``` + +And then replace the NGINX file in `../install` with the following: + +``` +server { + listen 80; + server_name ADDRESS; + rewrite ^ https://$server_name$request_uri? permanent; +} + +server { + # SERVER BLOCK FOR ADDRESS + listen 443 ssl; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_certificate /etc/letsencrypt/live/ADDRESS/cert.pem; + ssl_certificate_key /etc/letsencrypt/live/ADDRESS/privkey.pem; + + access_log /etc/nginx/logs/access-ADDRESS.log; + error_log /etc/nginx/logs/error-ADDRESS.log info; + root CUR_DIR; + server_name ADDRESS; + + # Media: images, icons, video, audio, HTC + location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + } + + # CSS and Javascript + location ~* \.(?:css|js)$ { + expires 1y; + access_log off; + add_header Cache-Control "public"; + } + + location ^~ /static { + try_files $uri $uri/ =404; + } + + location ~ ^/ { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-NginX-Proxy true; + + proxy_pass https://127.0.0.1:PORT; + proxy_redirect off; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +} +``` From 45af3d4f192efd3a7fe22dd37d811e539063f2a5 Mon Sep 17 00:00:00 2001 From: Zack Date: Sat, 13 Feb 2016 20:23:10 -0500 Subject: [PATCH 2/5] Update README.md Former-commit-id: 7c91481f5eadd309b7547cee730dc397f975a658 [formerly decaccea59c27e736371d97cc4de9814f8852b31] [formerly c6f7ceea626c74a23df4343d1487804346b5ce4c [formerly 822b14b6bcbab1247d02fae6c3e2a33ca50d9db5 [formerly f00d69399b41066ea3826f8e2c20e1e20e23f8fa]]] Former-commit-id: 8578c7f2bf0879053e46225465cf11fad18eb52b [formerly 8ecd2d1d3847cfddecd6187907a47ec8fb7246e4] Former-commit-id: f5abfd0360f7efbba4c761ae022f9d65aaae31a2 Former-commit-id: 04c2cc37cfccfdf5204b2baf12182f5b03d428a9 --- letsencrypt/README.md | 55 ------------------------------------------- 1 file changed, 55 deletions(-) diff --git a/letsencrypt/README.md b/letsencrypt/README.md index 307568e..156f343 100644 --- a/letsencrypt/README.md +++ b/letsencrypt/README.md @@ -5,58 +5,3 @@ git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt sudo ./letsencrypt-auto certonly --standalone --email youremail@somewhere.com -d yourserver.com ``` - -And then replace the NGINX file in `../install` with the following: - -``` -server { - listen 80; - server_name ADDRESS; - rewrite ^ https://$server_name$request_uri? permanent; -} - -server { - # SERVER BLOCK FOR ADDRESS - listen 443 ssl; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_certificate /etc/letsencrypt/live/ADDRESS/cert.pem; - ssl_certificate_key /etc/letsencrypt/live/ADDRESS/privkey.pem; - - access_log /etc/nginx/logs/access-ADDRESS.log; - error_log /etc/nginx/logs/error-ADDRESS.log info; - root CUR_DIR; - server_name ADDRESS; - - # Media: images, icons, video, audio, HTC - location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { - expires 1M; - access_log off; - add_header Cache-Control "public"; - } - - # CSS and Javascript - location ~* \.(?:css|js)$ { - expires 1y; - access_log off; - add_header Cache-Control "public"; - } - - location ^~ /static { - try_files $uri $uri/ =404; - } - - location ~ ^/ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header X-NginX-Proxy true; - - proxy_pass https://127.0.0.1:PORT; - proxy_redirect off; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } -} -``` From 029a4ee18a91f92ad2a58b28fb7407538421992f Mon Sep 17 00:00:00 2001 From: Zack Date: Sat, 13 Feb 2016 20:23:24 -0500 Subject: [PATCH 3/5] Create awwkoala.ssl.nginx Former-commit-id: 66e408b0515bc0f5b153c86cb6d921e3498b7ab9 [formerly 638216bfa3e3dd8e3fca48deee6c840d179e73f8] [formerly b47acb1d7c4cb2cc0a17e81481010f10139b1293 [formerly 40ff960a768b0cb4694cab29ba78b306f8a4e07a [formerly 1a2db9ce1cbc14b9817e2720fd28f323d23f25bc]]] Former-commit-id: bfa2b68b933b73de0e5dd4977e5d5fab5b73cedf [formerly 9eee1bb571a0c59a041b78533114a58fcdda7101] Former-commit-id: ab088f318f7e7bd6c4c0b21a4c740eafb0808f66 Former-commit-id: 8e8ae2ac01cdde753e67ad3cb99da6cbd2be135d --- letsencrypt/awwkoala.ssl.nginx | 50 ++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 letsencrypt/awwkoala.ssl.nginx diff --git a/letsencrypt/awwkoala.ssl.nginx b/letsencrypt/awwkoala.ssl.nginx new file mode 100644 index 0000000..90efeb5 --- /dev/null +++ b/letsencrypt/awwkoala.ssl.nginx @@ -0,0 +1,50 @@ +server { + listen 80; + server_name ADDRESS; + rewrite ^ https://$server_name$request_uri? permanent; +} + +server { + # SERVER BLOCK FOR ADDRESS + listen 443 ssl; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_certificate /etc/letsencrypt/live/ADDRESS/cert.pem; + ssl_certificate_key /etc/letsencrypt/live/ADDRESS/privkey.pem; + + access_log /etc/nginx/logs/access-ADDRESS.log; + error_log /etc/nginx/logs/error-ADDRESS.log info; + root CUR_DIR; + server_name ADDRESS; + + # Media: images, icons, video, audio, HTC + location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + } + + # CSS and Javascript + location ~* \.(?:css|js)$ { + expires 1y; + access_log off; + add_header Cache-Control "public"; + } + + location ^~ /static { + try_files $uri $uri/ =404; + } + + location ~ ^/ { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-NginX-Proxy true; + + proxy_pass https://127.0.0.1:PORT; + proxy_redirect off; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +} From 70c6583a0c7fbe43ad8fd4b14594bdf4bf48eec9 Mon Sep 17 00:00:00 2001 From: Zack Date: Sat, 13 Feb 2016 20:26:01 -0500 Subject: [PATCH 4/5] Update README.md Former-commit-id: 49890cc9713ca6f9eed1c6546f8576dddd47f996 [formerly 79da79e1c91692800d93c514df16ff3a059bccb3] [formerly 05a10f90300ef2bb144b06c0cfc67293107734f4 [formerly 86f54720af2ec316a619d1f40e8ad612658f0a95 [formerly 5effcda1720bf1e5e5fa907fdb7a82f99333b749]]] Former-commit-id: b0069f957ca34b9be3918418f525dbe9f9edda25 [formerly 7ca7ac6ea2b5bf4131cf8a8e600a7d66fd6ac029] Former-commit-id: 41ca6cb1e55125bde1fedfb42fb66689bb8d2eb5 Former-commit-id: adfd1021466d47ef7af0a807031d146cd61e8662 --- letsencrypt/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/letsencrypt/README.md b/letsencrypt/README.md index 156f343..4d0ddd9 100644 --- a/letsencrypt/README.md +++ b/letsencrypt/README.md @@ -5,3 +5,9 @@ git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt sudo ./letsencrypt-auto certonly --standalone --email youremail@somewhere.com -d yourserver.com ``` + +Use the NGINX block in this directory. Then startup `awwkoala` with + +```bash +sudo ./awwkoala -p :8001 -key /etc/letsencrypt/live/yourserver.com/privkey.pem -crt /etc/letsencrypt/live/yourserver.com/cert.pem yourserver.com +``` From ddb3dae32ae45823b56b638c73dbb265b3008923 Mon Sep 17 00:00:00 2001 From: Zack Date: Sat, 13 Feb 2016 20:32:15 -0500 Subject: [PATCH 5/5] Update README.md Former-commit-id: a5ea5763c48a438e3bb7fabffcf65f21c7ef56fc [formerly c8470c5418190d4ead4c0647c69b170667caad5a] [formerly 0be91e43b79a25094e1aea4bce2c4ef09e5e2de5 [formerly ece4780d904f45ce7907fae6ece29f9cf3780933 [formerly a9bb3daf0c81ead0fc97ee3cca8cb8a8fe59bfa6]]] Former-commit-id: 0a4edf33449b26678780305855e8a1fbd88c3380 [formerly 4c18e9234c9bca967c50ece1ed8bffcfbc2b9f54] Former-commit-id: 4b05bedc97ac2c83e76318ce87913247dcfeb7c1 Former-commit-id: 4efc0dbf4700c2de467f6c29d1116d75e47a615a --- letsencrypt/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/letsencrypt/README.md b/letsencrypt/README.md index 4d0ddd9..d5ab27b 100644 --- a/letsencrypt/README.md +++ b/letsencrypt/README.md @@ -1,12 +1,16 @@ +First install the NGINX block in this directory. + To use letsencrypt follow these steps: ``` git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt +sudo service nginx stop sudo ./letsencrypt-auto certonly --standalone --email youremail@somewhere.com -d yourserver.com +sudo service nginx start ``` -Use the NGINX block in this directory. Then startup `awwkoala` with +Then startup `awwkoala` with ```bash sudo ./awwkoala -p :8001 -key /etc/letsencrypt/live/yourserver.com/privkey.pem -crt /etc/letsencrypt/live/yourserver.com/cert.pem yourserver.com