Update 'ownCast, nginx and TLS'
parent
9450ace1f3
commit
18030b57cf
|
@ -20,7 +20,9 @@ Welcome to the Wiki.
|
||||||
$ sudo touch /var/www/html/index.html
|
$ sudo touch /var/www/html/index.html
|
||||||
$ sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/your.domain.com.conf
|
$ sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/your.domain.com.conf
|
||||||
```
|
```
|
||||||
|
|
||||||
edit /etc/nginx/sites-available/your.domain.com.conf into something like:
|
edit /etc/nginx/sites-available/your.domain.com.conf into something like:
|
||||||
|
|
||||||
```
|
```
|
||||||
server {
|
server {
|
||||||
listen 80;
|
listen 80;
|
||||||
|
@ -37,11 +39,15 @@ server {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## disable default page and enable your virtual domain
|
||||||
|
|
||||||
|
```
|
||||||
$ sudo ln -s /etc/nginx/sites-available/your.domain.com.conf /etc/nginx/sites-enabled/your.domain.com.conf
|
$ sudo ln -s /etc/nginx/sites-available/your.domain.com.conf /etc/nginx/sites-enabled/your.domain.com.conf
|
||||||
$ sudo rm /etc/nginx/sites-enabled/default
|
$ sudo rm /etc/nginx/sites-enabled/default
|
||||||
$ sytemctl restart nginx
|
$ sudo sytemctl restart nginx
|
||||||
```
|
```
|
||||||
Test your webserver by going with a browser to http://your.domain.com - does it work?
|
|
||||||
|
Test your webserver by going with a browser to http://your.domain.com.
|
||||||
|
|
||||||
## install certificates from Let's Encrypt
|
## install certificates from Let's Encrypt
|
||||||
|
|
||||||
|
@ -52,11 +58,10 @@ Test your webserver by going with a browser to http://your.domain.com - does it
|
||||||
## reconfigure nginx to proxy to ownCast
|
## reconfigure nginx to proxy to ownCast
|
||||||
|
|
||||||
edit /etc/nginx/sites-available/your.domain.com.conf into something like this:
|
edit /etc/nginx/sites-available/your.domain.com.conf into something like this:
|
||||||
|
|
||||||
```
|
```
|
||||||
server {
|
server {
|
||||||
|
|
||||||
server_name your.domain.com;
|
server_name your.domain.com;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
@ -69,19 +74,19 @@ server {
|
||||||
proxy_set_header Connection $connection_upgrade;
|
proxy_set_header Connection $connection_upgrade;
|
||||||
proxy_pass http://127.0.0.1:8080;
|
proxy_pass http://127.0.0.1:8080;
|
||||||
}
|
}
|
||||||
|
|
||||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/your.domain.com/fullchain.pem; # managed by Certbot
|
ssl_certificate /etc/letsencrypt/live/your.domain.com/fullchain.pem; # managed by Certbot
|
||||||
ssl_certificate_key /etc/letsencrypt/live/your.domain.com/privkey.pem; # managed by Certbot
|
ssl_certificate_key /etc/letsencrypt/live/your.domain.com/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
(change your.domain.com to your own domain, and port in the proxy_pass setting to whatever you are using)
|
(change your.domain.com to your own domain, and port in the proxy_pass setting to whatever you are using)
|
||||||
|
|
||||||
Edit /etc/nginx/nginx.conf and add anywhere into html{} stanza:
|
Edit /etc/nginx/nginx.conf and add anywhere into html{} stanza:
|
||||||
|
|
||||||
```
|
```
|
||||||
map $http_upgrade $connection_upgrade {
|
map $http_upgrade $connection_upgrade {
|
||||||
default upgrade;
|
default upgrade;
|
||||||
|
|
Loading…
Reference in New Issue