Letsencrypt: webroot or standalone for node.js app?
It is not entirely clear how the certificate and domain will be verified for an application on node.js.
All the examples have some /.well-known/acme-challenge/ folders. What are these folders, where are they and why? Are they needed if the application is on node.js? Where to place them: inside the structure of my project, or what? "acme-challenge": what is it anyway? I suck at these instructions.
Which way to choose: webroot or standalone? Given that I want to run multiple sites with different domains on the same VPS. Ubuntu 16.04.
I wrote a couple of scripts for myself:
```bash
#!/bin/bash
# Usage:
# sudo ~/letsencrypt/addnew.sh domain.ru
set -e
# Abort with a usage message if no domain was given
DOMAIN="${1:?Usage: addnew.sh domain.ru}"
# The client writes the challenge files under /var/www/html/.well-known/acme-challenge/
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d "${DOMAIN}" -d "www.${DOMAIN}"
#openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096
# Unquoted heredoc so that ${DOMAIN} is expanded in the printed config
cat <<EOF

*********************************************************************
NGINX config add:
ssl_certificate /etc/letsencrypt/live/${DOMAIN}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${DOMAIN}/privkey.pem;
ssl_dhparam /etc/pki/nginx/dhparam.pem;
*********************************************************************

EOF
```
```bash
#!/bin/bash
# This script renews all the Let's Encrypt certificates with a validity < 30 days
# Usage:
# run command:
# sudo crontab -e
# add string
# @daily /home/vpsuser/letsencrypt/letsencrypt.cron.sh
# run command:
# chmod +x /home/vpsuser/letsencrypt/letsencrypt.cron.sh
NGINX=$(which nginx)
if ! /usr/bin/letsencrypt renew > /var/log/letsencrypt/renew.log 2>&1 ; then
    echo "Automated renewal failed:"
    cat /var/log/letsencrypt/renew.log
    exit 1
fi
# Restart nginx only if the configuration test passes
"${NGINX}" -t && service nginx restart
```
```nginx
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    # Must match the --webroot-path given to letsencrypt
    root /var/www/html;
    index index.html index.htm index.php;
    server_name _;
    location / {
        try_files $uri $uri/ =404;
    }
    # For LetsEncrypt: https://letsecure.me/secure-web-deployment-with-lets-encrypt-and-nginx/
    location ~ /.well-known/acme-challenge {
        allow all;
    }
}
```
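With the webroot method the client writes a token file under `<webroot>/.well-known/acme-challenge/` and Let's Encrypt fetches it over HTTP on port 80 to prove control of the domain. If the node.js app itself answers on port 80 instead of nginx, it has to serve that one folder. The sketch below is an added example, not part of the answer above; `resolveChallenge` and `createChallengeServer` are hypothetical names, and `/var/www/html` is the webroot path used in the answer's script.

```javascript
// Added example: serve ACME HTTP-01 challenge files from a Node.js app.
const http = require('node:http');
const fs = require('node:fs');
const path = require('node:path');

const PREFIX = '/.well-known/acme-challenge/';
// ACME tokens are base64url strings (RFC 8555): no dots, slashes or percent signs.
const TOKEN_RE = /^[A-Za-z0-9_-]+$/;

// Map a request URL to a file under <webroot>/.well-known/acme-challenge/,
// or return null for anything that is not a well-formed challenge request.
function resolveChallenge(webroot, url) {
  const pathname = url.split('?')[0];
  if (!pathname.startsWith(PREFIX)) return null;
  const token = pathname.slice(PREFIX.length);
  // Rejects "../", "%2e%2e", nested paths and the empty token,
  // so the handler can never read outside the challenge folder.
  if (!TOKEN_RE.test(token)) return null;
  return path.join(webroot, '.well-known', 'acme-challenge', token);
}

// Answer challenge requests; pass everything else to the app's own
// handler (fallback, optional) or reply 404.
function createChallengeServer(webroot, fallback) {
  return http.createServer((req, res) => {
    const file = req.method === 'GET' ? resolveChallenge(webroot, req.url) : null;
    if (!file) return fallback ? fallback(req, res) : notFound(res);
    fs.readFile(file, (err, data) => {
      if (err) return notFound(res);
      res.writeHead(200, { 'Content-Type': 'text/plain' });
      res.end(data);
    });
  });
}

function notFound(res) {
  res.writeHead(404, { 'Content-Type': 'text/plain' });
  res.end('Not found\n');
}

// Usage (binding port 80 needs root or a proxy in front):
// createChallengeServer('/var/www/html').listen(80);
```

Run the client with the same `--webroot-path` that is passed to `createChallengeServer`, otherwise the token file is written where the server does not look.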