wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[TOOLS] Add .well-known/acme-challenge/ root certbot to nginx container, to allow certbot certificate renewals

Browse Source
This commit is contained in:
Hugo Sales 2022-03-14 22:12:35 +00:00
parent dd62825169
commit e22fe55bbe
No known key found for this signature in database
GPG Key ID: 7D0C7EAFC9D835A0
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
docker/nginx/nginx.conf
View File

@ -1,3 +1,18 @@
server {
# Listen only on port 81 for localhost, and nothing else.
server_name 127.0.0.1;
listen 127.0.0.1:81 default_server;
charset utf-8;
# Certbot's folder used for the ACME challenge response.
location ^~ /.well-known/acme-challenge {
default_type text/plain;
root /var/www/certbot;
try_files $uri =404;
}
}
server { server {
listen [::]:80; listen [::]:80;
@ -5,6 +20,10 @@ server {
server_name %hostname%; server_name %hostname%;
location '/.well-known/acme-challenge' {
proxy_pass http://localhost:81;
}
# redirect all traffic to HTTPS # redirect all traffic to HTTPS
rewrite ^ https://$host$request_uri? permanent; rewrite ^ https://$host$request_uri? permanent;
} }
@ -35,6 +54,13 @@ server {
root /var/www/social; root /var/www/social;
} }
location /.well-known/acme-challenge/ {
allow all;
root /var/www/certbot;
try_files $uri =404;
break;
}
# PHP # PHP
location ~ ^/(index|install)\.php(/.*)?$ { location ~ ^/(index|install)\.php(/.*)?$ {
include fastcgi_params; include fastcgi_params;