mirror of
https://github.com/schollz/cowyo.git
synced 2023-08-10 21:13:00 +03:00
Merge pull request #24 from schollz/ssl
Ssl Former-commit-id: 72d1ceec506f6c3138b3cf2d1ee0f2cb95ce3bd6 [formerly 5e317d2905d571d874594f17c98ee7a67e2b70f0] [formerly 525ef6ea5ed8699d66036adca51fee59649bedf4 [formerly 03662748648213b194735b510dbac9fa5b774e73 [formerly2434f7bb68]]] Former-commit-id: 406bc24c6fcb3ed85c41b4a7c86e06ca05dbc112 [formerly 4c57b8deda97a12ef2a9eb9772faebe546ca2c67] Former-commit-id: 490d9758fa4aeb02522724fd7c0d240c0e7c0bc9 Former-commit-id:45f43c119b
This commit is contained in:
Zack
commit
735ed37231
17
letsencrypt/README.md
Normal file
17
letsencrypt/README.md
Normal file
@ -0,0 +1,17 @@
|
||||
First install the NGINX block in this directory.
|
||||
|
||||
To use letsencrypt follow these steps:
|
||||
|
||||
```
|
||||
git clone https://github.com/letsencrypt/letsencrypt
|
||||
cd letsencrypt
|
||||
sudo service nginx stop
|
||||
sudo ./letsencrypt-auto certonly --standalone --email youremail@somewhere.com -d yourserver.com
|
||||
sudo service nginx start
|
||||
```
|
||||
|
||||
Then startup `awwkoala` with
|
||||
|
||||
```bash
|
||||
sudo ./awwkoala -p :8001 -key /etc/letsencrypt/live/yourserver.com/privkey.pem -crt /etc/letsencrypt/live/yourserver.com/cert.pem yourserver.com
|
||||
```
|
||||
50
letsencrypt/awwkoala.ssl.nginx
Normal file
50
letsencrypt/awwkoala.ssl.nginx
Normal file
@ -0,0 +1,50 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name ADDRESS;
|
||||
rewrite ^ https://$server_name$request_uri? permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
# SERVER BLOCK FOR ADDRESS
|
||||
listen 443 ssl;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_certificate /etc/letsencrypt/live/ADDRESS/cert.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/ADDRESS/privkey.pem;
|
||||
|
||||
access_log /etc/nginx/logs/access-ADDRESS.log;
|
||||
error_log /etc/nginx/logs/error-ADDRESS.log info;
|
||||
root CUR_DIR;
|
||||
server_name ADDRESS;
|
||||
|
||||
# Media: images, icons, video, audio, HTC
|
||||
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
|
||||
expires 1M;
|
||||
access_log off;
|
||||
add_header Cache-Control "public";
|
||||
}
|
||||
|
||||
# CSS and Javascript
|
||||
location ~* \.(?:css|js)$ {
|
||||
expires 1y;
|
||||
access_log off;
|
||||
add_header Cache-Control "public";
|
||||
}
|
||||
|
||||
location ^~ /static {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
location ~ ^/ {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
|
||||
proxy_pass https://127.0.0.1:PORT;
|
||||
proxy_redirect off;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user