September 29, 2023

Set up your own webserver (& webpage) with nginx, LetsEncrypt and Certbot

This webpage is more of a note to myself to remember the commands I ran rather than a standalone tutorial.
In fact, I followed this guide:

The process took me about 3 hours.

Prerequisite: a VPS with GNU/Linux running and a SSH connection. You can follow the following tutorials to get a VPS running with Trisquel GNU/Linux and SSH connection:

These are the commands I ran (as root) as I progressed through the Fedfree tutorial:

apt-get install nginx-core
apt-get install certbot openssl
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 # create file
systemctl stop nginx 
certbot certonly -d --rsa-key-size 4096 --must-staple --register-unsafely-without-email
ls /etc/letsencrypt/live/ # show that directory is created
[back up above file]
sed -i '/server_tokens/s/^ *#//' /etc/nginx/nginx.conf  # uncomment line
sed -i '/gzip_comp_leve/s/^ *#//' /etc/nginx/nginx.conf # uncomment line
sed -i '/gzip_type/s/^ *#//' /etc/nginx/nginx.conf  # uncomment line

To back up /etc/letsencrypt/ see

Edit SSL settings as recommended in - my sed skills are not good enough to do the substitution from the command line!

Edit /etc/nginx/sites-available/default as shown in


mkdir -p /var/www/letsencrypt/.well-known/acme-challenge 
systemctl start nginx
mkdir -p /var/www/
touch /etc/nginx/sites-available/
ln -s /etc/nginx/sites-available/

Add content of to /etc/nginx/sites-available/

Run as root:

nginx -t

Read the outcome of the test, check whether you spot any problems, if so act accordingly, then run:

systemctl start nginx

Open a browser.

Type the URL of your website.

The browser should display this:

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to
Commercial support is available at

Thank you for using nginx.

Note: substitute for your website. Look at the tutorial from Fedfree to set up a redirect from to, if you are doing so.

Carry on with checks, setting up a cron job to auto-renew the certificate, etc, see:


I do self-funded research and I'm writing a book.

> What's the book about?

About technologies and epistemology.

Meaning, technologies can foster agency. No doubt. But I am also asking:

Can technologies make us blind?

I posted a summary of the prologue on the homepage:


personal computing command-line interface (cli) gnu linux trisquel shell literacy office applications wiki nginx hosting

No affiliate links, no analytics, no tracking, no cookies. This work © 2016-2023 by r. philip is licensed under CC BY-ND 4.0 .   about me   contact me   all entries & tags   FAQ   GPG public key

GPG fingerprint: 2E0F FB60 7FEF 11D0 FB45 4DDC E979 E52A 7036 7A88