November 19, 2023

Add a new website to a server running nginx, LetsEncrypt HTTPS and Certbot

Last updated on January 2024.

This is follow up note from https://yctct.com/setup-webserver to add a second website on the same web server.

Update DNS

In the DNS, point the domain name (or a subdomain) to the IP address of VPS.

A @ IP_address

Configure web server

Read:

• https://fedfree.org/docs/http/debian-nginx.html#introduction-3
• https://fedfree.org/docs/http/debian-nginx.html#do-not-configure-the-hostname-first

Follow FedFree’s instructions:

• https://fedfree.org/docs/http/debian-nginx.html#add-a-new-website

Generate a LetsEncrypt certificate

Read:

• https://fedfree.org/docs/http/debian-nginx.html#add-the-new-tls-certificate

Generate a LetsEncrypt certificate for the new website:

# certbot certonly --webroot -w /var/www/example.com --must-staple --rsa-key-size 4096 --agree-tos -w /var/www/letsencrypt -d example.com --register-unsafely-without-email
# certbot certonly --webroot -w /var/www/example.com --must-staple --rsa-key-size 4096 --agree-tos -w /var/www/letsencrypt -d www.example.com --register-unsafely-without-email
# ls /etc/letsencrypt/live/ # show that example.com and www.example directories are created

About --webroot: https://eff-certbot.readthedocs.io/en/stable/using.html#webroot.

Place index.html in root

# touch /var/www/example.com/index.html

Add CAA to DNS

example.org. CAA 128 issue "letsencrypt.org"

CAA creates a DNS mechanism that enables domain name owners to whitelist CAs that are allowed to issue certificates for their hostnames.

Long story: https://blog.qualys.com/product-tech/2017/03/13/caa-mandated-by-cabrowser-forum

Tests

Run curl tests and the SSL test (you should get A+), see: https://fedfree.org/docs/http/debian-nginx.html#tests

Then:

# nginx -t

And reload nginx:

# systemctl reload nginx

Back up the LetsEncrypt certificate

Back up the LetsEncrypt directory: https://yctct.com/backup-letsencrypt-folder-from-remote-to-local

✍✍✍✍✍✍✍✍✍✍✍✍✍✍

I do self-funded research and I'm writing a book.

> What's the book about?

About technologies and agency.

Meaning, technologies can foster agency. No doubt. But I am also asking:

Can usage of technologies give us a sense of empowerment while in fact undermining our abilities?

I posted a summary of the prologue on the homepage: https://yctct.com/

✍✍✍✍✍✍✍✍✍✍✍✍✍✍

personal computing command-line interface (cli) gnu linux trisquel shell literacy wiki nginx hosting letsencrypt certbot