I have an apache2 server that works great with my .htaccess rules. I now want to run a different page that will not be affected by my current .htaccess rules using the same domain name but different port.
I have setup a shell script to automate setting this up but somewhere there seems to be a conflict of ports even though nginx should not be running on port 80 or 443.
Here is the script:
#!/bin/sh
read -p 'Enter domain name: ' domain
apt-get update && apt -y install nginx nginx-full nginx-common
systemctl enable nginx.service && systemctl start nginx.service
echo '''
server {
root /var/www/madeup.com;
index index.html index.htm index.nginx-debian.html;
server_name madeup.com
listen [::]:8080 ssl ipv6only=on; # managed by Certbot
listen 8080 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/madeup.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/madeup.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
''' > /tmp/file.txt
cd /tmp
sed -i "s/madeup.com/$domain/g" file.txt
cat file.txt
mv file.txt /etc/nginx/sites-enabled/$domain
apt install -y python3-certbot-nginx && certbot --nginx
systemctl restart nginx.service
rm -rf *.sh.*
Any ideas are welcome
Related
I am using nginx on my ubuntu machine and setup 2 laravel application using docker and one wordpress website without docker
Application 1: localhost:8088
Application 2: localhost:8089
I wanted to achieve is that when someone open localhost so it opens wordpress website and if someone open localhost/app1 it opens application 1 and so on.
So I have created reverse proxy so that it can open my docker container application
This is what I have done
sudo nano /etc/nginx/sites-available/website
ln -s /etc/nginx/sites-available/website /etc/nginx/sites-enabled/
nginx -t
systemctl restart nginx
After doing so when I try to open localhost/app1 it shows 404 but it recognise its a laravel app but shows 404
Here is my /etc/nginx/sites-available/website file code
server{
listen 80;
server_name localhost;
root /var/www/html/wordpress;
location /app1/{
proxy_pass http://localhost:8088;
}
}
You can create a file named redirects.map inside the nginx folder of your application and add a mapping like
~^localhost/app1/(.*) localhost:8089/$1;
You should change nginx configure from
server{
listen 80;
server_name localhost;
root /var/www/html/wordpress;
location /app1/{
proxy_pass http://localhost:8088;
}
}
To
server{
listen 80;
server_name localhost;
root /var/www/html/wordpress;
location /app1 {
proxy_pass http://localhost:8088;
}
}
I am trying to run certbot on an Amazon Linux EC2 instance to generate an ssl cert. I have turned off both nginx and apache to make port 80 available for certbot to bind to.
I am running certbot with the following command:
./certbot-auto certonly --standalone -d mydomain.com
It is producing the following error:
All the DNS record have been configured correctly as well so I'm not sure why this error is happening.
How can I make certbot run correctly?
I had to specify the correct http-01-port.
./certbot-auto certonly **--http-01-port 8080** -d domain.com -d www.domain.com
My web server is set up like this:
AWS EC2 Linux AMI
Apache 2.4
PHP 7
MySQL
Certbot is giving me an error like this when I try to run it:
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
I've looked at other answers people posted on their blogs etc... but they were were not specifically for the EC2 Linux AMI or were made more complicated than they need be.
Most of them seem to have something to do with /sites-available or enabled... but the main .conf file already has a line in it that points to additional .conf files. No need to add a line there.
This all assumes that you have Apache 2.4 installed and are trying to install Certbot.
Make sure A record is set to your IP address in DNS.
cd /etc/httpd/conf.d
sudo nano yourDomainName.conf
Paste, edit, and save the following:
<VirtualHost *:80>
ServerName yourDomainName.com
DocumentRoot /var/www/html
ServerAlias www.yourDomainName.com
ErrorLog /var/www/error.log
CustomLog /var/www/requests.log combined
</VirtualHost>
.
sudo service httpd restart
And with this you should see the virtual host:
httpd -D DUMP_VHOSTS
To install certbot:
cd ~/downloads
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
sudo certbot-auto --apache --debug
Try option 1, "spin up a temporary web server"
I had running nginx on port 80, even setup xamp on port 80, curl on port 80 worked, but it could not find server at localhost
A probable issue with certbot trying to setup and authenticate host with existing servers.
Use of temporary webserver (option 1) worked, ensure no service is running on port 80
I have no httpd service, so I have know such directory and file.
But thanks for the advice before I found the file mydomain.conf in the directory
(in your case you should replace mydomain
/etc/apache2/sites-available and I modified it as it was advised above
sudo nano /etc/apache2/sites-available/mydomain.conf
<VirtualHost *:80> DocumentRoot /var/www/mydomain ServerName mydomain </VirtualHost>
then check for correct
sudo apache2ctl configtest
then restart apache
systemctl reload apache2
and then run certbot
certbot --apache -d mydomain
I am adding https support to our servers. How can I not stop Nginx when adding Let's Encrypt support?
Add this block to your server configuration (depending on your server configuration you can use other path than /var/www/html):
location ~ /.well-known {
root /var/www/html;
allow all;
}
Reload nginx, run certbot as follows:
certbot certonly -a webroot --webroot-path=/var/www/html -d yourdomain.example
Apply generated certificate to your server configuration
ssl_certificate /etc/letsencrypt/live/yourdomain.example/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.example/privkey.pem;
Make sure server setup is configured to run on port 443 with ssl:
listen 443 ssl;
Reload nginx again. Between reloads, you can make sure if configuration don't have syntax errors by running nginx -t.
against all answers you can run certbot in nginx mode.
just read the docs for it.
all you have to do is install an additional nginx plugin and follow the docs of certbot.
that plugin would even hot reload the cached certificates in nginx ram as soon as they get updated.
https://certbot.eff.org/instructions
or go to the nginx docs instead: https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/
You can use docker for that. Link on hub.docker
For example:
Create certbot.sh
For that you must run in CLI:
touch certbot.sh && chmod +x ./certbot.sh
Write in file:
#!/usr/bin/env bash
docker run --rm -v /etc/letsencrypt:/etc/letsencrypt -v /var/lib/letsencrypt:/var/lib/letsencrypt certbot/certbot "$#"
and run like this:
./certbot.sh --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
OR
./certbot.sh renew
And you can add call this method in crontab for renew
0 0 1 * * /<PATH_TO_FILE>/certbot.sh renew
I Have installed Nginx-full via homebrew to the latests stable 1.8.1 version. I have installed php7.0 via brew as well. I want to get php working but i can't first get nginx to serve a static file. I have this configuration on a server and works perfectly but on my mac I'm having trouble. I set up my sites directory as follows:
nginx.conf:
#user www-data www-data;
worker_processes 4;
events {
worker_connections 1024;
}
http {
include mime.types;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/sites-available/default
server {
listen 80;
server_name localhost;
root /Users/londreblocker/Developer/Sites/bootstrap;
index index.php
error_log /Users/londreblocker/Logs/DMFA_erros.log;
access_log
/Users/londreblocker/Logs/DMFA_access.log;
}
there is a symbolic link to default in the sites-enabled folder. When i try to connect all i get is
This webpage is not available
ERR_CONNECTION_REFUSED
Any idea what could be going wrong. I am on a mac with El Capitan.
Check if nginx configuration is correct:
sudo nginx -t
and your config symlinks not broken:
ls -al /etc/nginx/sites-enabled
Check if nginx running:
ps aux |grep nginx
Check if nginx listening port 80:
sudo lsof -i -P | grep -i "listen"
If anyone is interested in my solution.
I had more than one version of nginx running due to previous install attempts and incorrect uninstalls. I deleted all versions and then did a reinstall. Seems to be working now.