Nginx
account-4, 2017-03-12 17:39:00

Letsencrypt: webroot or standalone for node.js app?

It is not entirely clear how the certificate and domain will be verified for a node.js application.
All the examples have some /.well-known/acme-challenge/ folders. What are these folders, where are they, and why? Are they needed if the application is on node.js? Where do I place them: inside the structure of my project, or what? What is "acme-challenge" anyway? I suck at these instructions.
Which way should I choose, webroot or standalone, given that I want to run multiple sites with different domains on the same VPS? Ubuntu 16.04.

1 answer(s)
Alexey Yarkov, 2017-03-12
@account-4

I wrote a couple of scripts for myself:

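#!/bin/bash

# Usage:
# sudo ~/letsencrypt/addnew.sh domain.ru

set -e

DOMAIN="$1"

# Refuse to run without a domain argument
if [ -z "${DOMAIN}" ]; then
    echo "Usage: $0 domain.ru" >&2
    exit 1
fi

# Request the certificate; the webroot plugin writes the challenge files
# under /var/www/html/.well-known/acme-challenge/
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d "${DOMAIN}" -d "www.${DOMAIN}"
#openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096

# Double quotes so that ${DOMAIN} is expanded in the printed snippet
echo -e "
*********************************************************************
NGINX config add:
    ssl_certificate /etc/letsencrypt/live/${DOMAIN}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/${DOMAIN}/privkey.pem;
    ssl_dhparam /etc/pki/nginx/dhparam.pem;
*********************************************************************
"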

#!/bin/bash

# This script renews all the Let's Encrypt certificates with a validity < 30 days
# Usage:
#   run command:
#       sudo crontab -e
#   add string
#       @daily /home/vpsuser/letsencrypt/letsencrypt.cron.sh
#   run command:
#       chmod +x /home/vpsuser/letsencrypt/letsencrypt.cron.sh

NGINX=$(which nginx)

if ! /usr/bin/letsencrypt renew > /var/log/letsencrypt/renew.log 2>&1 ; then
    echo Automated renewal failed:
    cat /var/log/letsencrypt/renew.log
    exit 1
fi
# Test the configuration first; restart only if it is valid
"${NGINX}" -t && service nginx restart

Well, Nginx:
server {
  listen 80 default_server;
  listen [::]:80 default_server;

  root /var/www/html;
  index index.html index.htm index.php;
  server_name _;

  location / {
    try_files $uri $uri/ =404;
  }

  # For LetsEncrypt: https://letsecure.me/secure-web-deployment-with-lets-encrypt-and-nginx/
  # Prefix match (^~) instead of an unanchored regex, so only the challenge directory matches
  location ^~ /.well-known/acme-challenge/ {
    allow all;
  }
}

Well, documentation:
https://gist.github.com/yarkovaleksei/2c6c96222924...
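
The scripts above use the webroot method with Nginx serving /var/www/html. As an added example (not part of the original answer or the linked gist), this shows how a Node.js app could itself serve the files the webroot plugin writes under /.well-known/acme-challenge/. The names challengeFile, createChallengeServer and appHandler are hypothetical, and the server is assumed to be reachable on port 80 for the domain being validated.

```javascript
// Added example: answering the Let's Encrypt HTTP-01 challenge from Node.js.
const ACME_PREFIX = '/.well-known/acme-challenge/';
// ACME tokens use only the base64url alphabet; rejecting everything else
// also rejects "../" and percent-encoded path traversal attempts.
const TOKEN_RE = /^[A-Za-z0-9_-]+$/;

// Map a request URL to the file written by the webroot plugin, or return
// null when the request is not a well-formed challenge request.
function challengeFile(webroot, url) {
  const pathname = url.split('?')[0];
  if (!pathname.startsWith(ACME_PREFIX)) return null;
  const token = pathname.slice(ACME_PREFIX.length);
  if (!TOKEN_RE.test(token)) return null;
  return webroot.replace(/\/+$/, '') + ACME_PREFIX + token;
}

// Wrap the application's own handler (appHandler is hypothetical): challenge
// requests are served from the webroot, everything else goes to the app.
function createChallengeServer(webroot, appHandler) {
  // Loaded here so challengeFile() above stays dependency-free.
  const http = require('http');
  const fs = require('fs');
  return http.createServer((req, res) => {
    if (!req.url.startsWith(ACME_PREFIX)) return appHandler(req, res);
    const file = req.method === 'GET' ? challengeFile(webroot, req.url) : null;
    if (!file) { res.writeHead(404); return res.end(); }
    fs.readFile(file, (err, body) => {
      // A missing token file is an ordinary 404, never a directory listing.
      if (err) { res.writeHead(404); return res.end(); }
      res.writeHead(200, { 'Content-Type': 'text/plain' });
      res.end(body);
    });
  });
}

// Usage (constructed): createChallengeServer('/var/www/html', app).listen(80);
```

With this in place, the same `--webroot-path=/var/www/html` from the script above works whether Nginx or the Node.js process answers on port 80.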
