Set up your own webserver (& webpage) with nginx, LetsEncrypt and Certbot
This webpage is more of a note to myself to remember the commands I ran rather than a standalone tutorial.
In fact, I followed this guide: https://fedfree.org/docs/http/debian-nginx.html.
The process took me about 3 hours.
Prerequisite: a VPS with GNU/Linux running and a SSH connection. You can follow the following tutorials to get a VPS running with Trisquel GNU/Linux and SSH connection:
- Set up a VPS with Trisquel GNU/Linux
- Set up a SSH connection between VPS and local machine (to be published)
These are the commands I ran (as root) as I progressed through the Fedfree tutorial:
apt-get install nginx-core apt-get install certbot openssl openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 # create file systemctl stop nginx certbot certonly -d agency.yctct.com --rsa-key-size 4096 --must-staple --register-unsafely-without-email ls /etc/letsencrypt/live/ # show that example.com directory is created [back up above file] sed -i '/server_tokens/s/^ *#//' /etc/nginx/nginx.conf # uncomment line sed -i '/gzip_comp_leve/s/^ *#//' /etc/nginx/nginx.conf # uncomment line sed -i '/gzip_type/s/^ *#//' /etc/nginx/nginx.conf # uncomment line
To back up
/etc/letsencrypt/ see https://yctct.com/backup-letsencrypt-folder-from-remote-to-local.
Edit SSL settings as recommended in https://fedfree.org/docs/http/debian-nginx.html#etcnginxnginx.conf-tls - my
sed skills are not good enough to do the substitution from the command line!
Edit /etc/nginx/sites-available/default as shown in https://fedfree.org/docs/http/debian-nginx.html#etcnginxsites-availabledefault-1
mkdir -p /var/www/letsencrypt/.well-known/acme-challenge systemctl start nginx mkdir -p /var/www/agency.yctct.com touch /etc/nginx/sites-available/agency.yctct.com ln -s /etc/nginx/sites-available/agency.yctct.com agency.yctct.com
Add content of https://fedfree.org/docs/http/debian-nginx.html#etcnginxsites-availableexample.com to /etc/nginx/sites-available/agency.yctct.com.
Run as root:
Read the outcome of the test, check whether you spot any problems, if so act accordingly, then run:
systemctl start nginx
Open a browser.
Type the URL of your website.
The browser should display this:
Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx.
Note: substitute agency.yctct.com for your website. Look at the tutorial from Fedfree to set up a redirect from www.example.com to example.com, if you are doing so.
Carry on with checks, setting up a cron job to auto-renew the certificate, etc, see: https://fedfree.org/docs/http/debian-nginx.html#ssl-labs.
I do self-funded research and I'm writing a book.
> What's the book about?
About technologies and epistemology.
Meaning, technologies can foster agency. No doubt. But I am also asking:
Can technologies make us blind?
I posted a summary of the prologue on the homepage: https://yctct.com/