Commit b894fc52 authored by Mikaël Salson's avatar Mikaël Salson

doc/server.md: Update documentation for Let's encrypt certificates

parent cf73be3d
Pipeline #198685 passed with stages
in 4 minutes and 55 seconds
......@@ -179,6 +179,7 @@ You can achieve this with the following steps:
To do so, you should tell `certbot` to put those files in the `/opt/vidjil/certs`
directory (this can be changed in the `docker-compose.yml` file.
You can generate the certificates with the command `certbot certonly --webroot -w /opt/vidjil/certs -d myvidjil.org`.
You'll need to update the Nginx configuration in `docker/vidjil-client/conf/nginx_web2py`
Then
```shell
cp /etc/letsencrypt/live/vdd.vidjil.org/fullchain.pem vidjil-client/ssl/web2py.crt
......@@ -186,6 +187,7 @@ You can achieve this with the following steps:
```
The certificates can be renewed with `certbot renew` but beware to copy the certificates after that.
Instead of copying the certificates, you may wish to mount `/etc/letsencrypt` in the Docker image as a volume (*eg.* `/etc/letsencrypt:/etc/nginx/ssl`).
However beware, because you would not be able to start Nginx till the certificates are in place.
On certificate renewal (with `certbot`), you then need to restart the Nginx server.
If necessary, in `docker-compose.yml`, update `nginx.volumes`, line `./vidjil-client/ssl:/etc/nginx/ssl`, to set the directory with the certificates.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment