--- type: "topic" created: "2024-01-06T01:25:36.083Z" updated: "2024-01-06T01:25:36.083Z" --- # certbot ```bash ln -s /etc/nginx/sites-available/code-server /etc/nginx/sites-enabled/code-server nginx -s reload cp /var/log/letsencrypt/letsencrypt.log /home/vscode/Notes/ ls /etc/nginx/sites-available cp /etc/nginx/sites-available/code-server /home/vscode/Notes/ echo >/etc/nginx/sites-available/code-server && nano /etc/nginx/sites-available/code-server nginx -s reload cp /etc/nginx/sites-available/default /home/vscode/Notes/ echo >/etc/nginx/sites-available/default && nano /etc/nginx/sites-available/default nginx -s reload nano /etc/letsencrypt/options-ssl-nginx.conf links http://phares3757.ddns.net/index.html nano /etc/nginx/sites-available/default nginx -s reload links http://phares3757.ddns.net:8080/index.html links http://phares3757.ddns.net:8080/index.htm nano /etc/nginx/sites-available/default ls /var/www/html mkdir -R /var/www/html/.well-known/acme-challenge mkdir -r /var/www/html/.well-known/acme-challenge mkdir -a /var/www/html/.well-known/acme-challenge mkdir --a /var/www/html/.well-known/acme-challenge mkdir -p /var/www/html/.well-known/acme-challenge nano /var/www/html/.well-known/acme-challenge/3EyVP-v2tP40lnP9unxVDBHOYnkuIyn8cKIODjMdQK4 links http://phares3757.ddns.net:8080/.well-known/acme-challenge/3EyVP-v2tP40lnP9unxVDBHOYnkuIyn8cKIODjMdQK4 certbot --redirect --agree-tos --nginx -d phares3757.ddns.net -m mikepharesjr@msn.com nano /etc/nginx/sites-available/default rm /etc/nginx/sites-enabled/code-server nginx -s reload links http://phares3757.ddns.net/.well-known/acme-challenge/3EyVP-v2tP40lnP9unxVDBHOYnkuIyn8cKIODjMdQK4 certbot --redirect --agree-tos --nginx -d phares3757.ddns.net -m mikepharesjr@msn.com ufw status numbered certbot --redirect --agree-tos --nginx -d phares3757.ddns.net -m mikepharesjr@msn.com certbot install --cert-name phares3757.ddns.net ln -s /etc/nginx/sites-available/code-server /etc/nginx/sites-enabled/code-server nginx -s reload certbot install --cert-name phares3757.ddns.net certbot renew certbot certonly certbot --non-interactive --redirect --agree-tos --nginx -d phares3757.ddns.net -m mikepharesjr@msn.com ``` ```bash echo >/etc/nginx/sites-available/default && nano /etc/nginx/sites-available/default ``` ```conf # echo >/etc/nginx/sites-available/default && nano /etc/nginx/sites-available/default server { listen 8080 default_server; listen [::]:8080 default_server; include /etc/nginx/fcgiwrap.conf; root /var/www/html; server_name _; } ``` ```bash echo >/etc/nginx/sites-available/code-server && nano /etc/nginx/sites-available/code-server ``` ```conf # echo >/etc/nginx/sites-available/code-server && nano /etc/nginx/sites-available/code-server server { server_name phares3757.ddns.net; location / { proxy_pass http://localhost:8007/; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection upgrade; proxy_set_header Accept-Encoding gzip; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/phares3757.ddns.net/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/phares3757.ddns.net/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = phares3757.ddns.net) { return 301 https://$host$request_uri; } # managed by Certbot listen 8080; listen [::]:8080; server_name phares3757.ddns.net; return 404; # managed by Certbot } ``` ```bash ufw allow from 0.0.0.0/0 to any port 8080 comment "24) acme-challenge" cp /var/log/letsencrypt/letsencrypt.log /home/vscode/Notes certbot --non-interactive --redirect --agree-tos --nginx -d phares3757.ddns.net -m mikepharesjr@msn.com ```