SSL for SlwoYou.net - torarnehave1/slowyouio GitHub Wiki
To set up your new server with slowyou.net for the main domain and maiken.slowyou.net as a subdomain using Nginx, while also configuring PHP and HTTPS with Certbot, follow these steps:
1. Configure Nginx for slowyou.net and maiken.slowyou.net
You need to create two separate configuration files under /etc/nginx/sites-available/ and then create symbolic links to those files in /etc/nginx/sites-enabled/ to activate them.
Create Nginx Configuration for slowyou.net
-
Create a new configuration file:
sudo nano /etc/nginx/sites-available/slowyou.net -
Add the following configuration:
server { listen 80; listen [::]:80; server_name slowyou.net www.slowyou.net; root /var/www/html/slowyou.net; index index.php index.html index.htm; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.1-fpm.sock; # Adjust PHP version as needed } location ~ /\.ht { deny all; } # Redirect HTTP to HTTPS return 301 https://$server_name$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name slowyou.net www.slowyou.net; root /var/www/html/slowyou.net; index index.php index.html index.htm; ssl_certificate /etc/letsencrypt/live/slowyou.net/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/slowyou.net/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.1-fpm.sock; # Adjust PHP version as needed } location ~ /\.ht { deny all; } } -
Enable the site by creating a symlink:
sudo ln -s /etc/nginx/sites-available/slowyou.net /etc/nginx/sites-enabled/
Create Nginx Configuration for maiken.slowyou.net
-
Create a new configuration file:
sudo nano /etc/nginx/sites-available/maiken.slowyou.net -
Add the following configuration:
server { listen 80; listen [::]:80; server_name maiken.slowyou.net; # Redirect all HTTP traffic to HTTPS return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name maiken.slowyou.net; root /var/www/html/slowyou.net/maiken; index index.php index.html index.htm; ssl_certificate /etc/letsencrypt/live/maiken.slowyou.net/fullchain.pem; # Adjust path as necessary ssl_certificate_key /etc/letsencrypt/live/maiken.slowyou.net/privkey.pem; # Adjust path as necessary include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.1-fpm.sock; # Adjust PHP version as needed } location ~ /\.ht { deny all; } } -
Enable the site by creating a symlink:
sudo ln -s /etc/nginx/sites-available/maiken.slowyou.net /etc/nginx/sites-enabled/
2. Install PHP
If PHP is not already installed:
sudo apt update
sudo apt install php8.1-fpm php8.1-mysql # Adjust PHP version as needed
3. Enable and Restart Nginx
sudo nginx -t # Test configuration for syntax errors
sudo systemctl restart nginx # Restart Nginx to apply
changes
4. Obtain SSL Certificates with Certbot
For each domain, run:
sudo certbot --nginx -d slowyou.net -d www.slowyou.net
sudo certbot --nginx -d maiken.slowyou.net
Certbot will modify your Nginx configuration to implement HTTPS and set up automatic certificate renewal.
Final Notes
- Always backup your Nginx configuration files before making changes.
- Ensure that your DNS settings are correctly configured to point to the new server’s IP address.
- Test your configurations thoroughly after changes.
This setup should help you configure your sites on the new server and include PHP support as well as HTTPS encryption for secure web browsing.