Set up your own webserver (& webpage) with nginx, LetsEncrypt and Certbot
This webpage is more of a note to myself to remember the commands I ran rather than a standalone tutorial.
In fact, I followed this guide: https://fedfree.org/docs/http/debian-nginx.html.
The process took me about 3 hours.
Prerequisite: a VPS with GNU/Linux running and a SSH connection. You can follow the following tutorials to get a VPS running with Trisquel GNU/Linux and SSH connection:
- Set up a VPS with Trisquel GNU/Linux
- Set up a SSH connection between VPS and local machine (to be published)
These are the commands I ran (as root) as I progressed through the Fedfree tutorial:
apt-get install nginx-core
apt-get install certbot openssl
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 # create file
systemctl stop nginx
certbot certonly -d agency.yctct.com --rsa-key-size 4096 --must-staple --register-unsafely-without-email
ls /etc/letsencrypt/live/ # show that example.com directory is created
[back up above file]
sed -i '/server_tokens/s/^ *#//' /etc/nginx/nginx.conf # uncomment line
sed -i '/gzip_comp_leve/s/^ *#//' /etc/nginx/nginx.conf # uncomment line
sed -i '/gzip_type/s/^ *#//' /etc/nginx/nginx.conf # uncomment lineTo back up /etc/letsencrypt/ see https://yctct.com/backup-letsencrypt-folder-from-remote-to-local.
Edit SSL settings as recommended in https://fedfree.org/docs/http/debian-nginx.html#etcnginxnginx.conf-tls - my sed skills are not good enough to do the substitution from the command line!
Edit /etc/nginx/sites-available/default as shown in https://fedfree.org/docs/http/debian-nginx.html#etcnginxsites-availabledefault-1
Run:
mkdir -p /var/www/letsencrypt/.well-known/acme-challenge
systemctl start nginx
mkdir -p /var/www/agency.yctct.com
touch /etc/nginx/sites-available/agency.yctct.com
ln -s /etc/nginx/sites-available/agency.yctct.com agency.yctct.comAdd content of https://fedfree.org/docs/http/debian-nginx.html#etcnginxsites-availableexample.com to /etc/nginx/sites-available/agency.yctct.com.
Run as root:
nginx -tRead the outcome of the test, check whether you spot any problems, if so act accordingly, then run:
systemctl start nginxOpen a browser.
Type the URL of your website.
The browser should display this:
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.
Thank you for using nginx.Note: substitute agency.yctct.com for your website. Look at the tutorial from Fedfree to set up a redirect from www.example.com to example.com, if you are doing so.
Carry on with checks, setting up a cron job to auto-renew the certificate, etc, see: https://fedfree.org/docs/http/debian-nginx.html#ssl-labs.
See also:
✍✍✍✍✍✍✍✍✍✍✍✍✍✍
I do self-funded research and I'm writing a book.
> What's the book about?
About technologies and agency.
Meaning, technologies can foster agency. No doubt. But I am also asking:
Can usage of technologies give us a sense of empowerment while in fact undermining our abilities?
I posted a summary of the prologue on the homepage: https://yctct.com/
✍✍✍✍✍✍✍✍✍✍✍✍✍✍
personal computing command-line interface (cli) gnu linux trisquel shell literacy office applications wiki nginx hosting letsencrypt certbot
