forked from Decentrala/dmzconf
27 lines
871 B
Markdown
27 lines
871 B
Markdown
---
|
|
VMID: 100
|
|
---
|
|
|
|
This VM is a reverse proxy, all serveces go through it and get their SSL certificates
|
|
|
|
## Creating new record
|
|
|
|
```sh
|
|
cd /etc/nginx/sites-available/ # configs are located here
|
|
vim.tiny pastebin.dmz.rs # using pastebin as example, copy existing one and edit it
|
|
ln -s /etc/nginx/sites-available/pastebin.dmz.rs /etc/nging/sites-enabled/pastebin.dmz.rs # creating link since file is the same
|
|
mkdir /var/www/pastebindmzrs # new dir where certificate will be validated
|
|
nginx -t # checking for errors
|
|
systemctl reload nginx.service # reloading the service for changes to apply, reset will work too
|
|
service nginx reload # alternative server reload
|
|
certbot certonly --webroot -w /var/www/pastebindmzrs -d pastebin.dmz.rs -d pastebin.decentrala.org # requesting the certificates
|
|
```
|
|
|
|
## renewal
|
|
|
|
```sh
|
|
ls /var/www/
|
|
cd /etc/letsencrypt/renewal
|
|
certbot renew
|
|
```
|