Comments (8)
looks like its in good working order to me.
nice job getting a test server running!
from blockbuilder.
will have a go at this one
from blockbuilder.
strategy:
- test by spinning up a second blockbuilder-frontend server
- point a subdomain I control at that new server
- get a cert for that subdomain + new server combination
- setup nginx as the web server
- use nginx settings to redirect http to https
once all is well on the blockbuilder-frontend-2
test server
- setup nginx + http to https redirect on the
blockbuilder-frontend
production server
from blockbuilder.
alright, got my test server working, serving blockbuilder with nginx 🎉
you can check it out at http://blockbuilder.micah.fyi
(and watch the browser upgrade the connection from http to https)
from blockbuilder.
will try out this test server for a bit before switching over the main server.
@enjalot want to take a look at http://blockbuilder.micah.fyi, see switching to nginx breaks anything?
from blockbuilder.
to remove IPTABLES rules:
sudo iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8889
sudo iptables -t nat -D PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
following this answer:
https://stackoverflow.com/questions/10197405/how-can-i-remove-specific-rules-from-iptables
(we want to remove the IP Tables rules since we will use nginx going forward, since nginx makes it easy to redirect http to https)
from blockbuilder.
ok, redirecting http to https
sudo certbot --nginx
#
# ...
#
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: blockbuilder.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for blockbuilder.org
Waiting for verification...
Cleaning up challenges
Could not open file: /etc/nginx/sites-enabled/default
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/blockbuilder.org
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/blockbuilder.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
The new certificate covers the following domains: https://blockbuilder.org
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=blockbuilder.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/blockbuilder.org/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/blockbuilder.org/privkey.pem
Your cert will expire on 2019-03-03. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
➜ nginx
from blockbuilder.
ok, it works 🎉
from blockbuilder.
Related Issues (20)
- Set breakpoints using Chrome inspect
- update dependencies
- replace http content with https content
- Uncaught SyntaxError: Unexpected token < HOT 4
- Broken Auth Flow with HTTPS HOT 16
- fix vulnerabilities in dependencies HOT 1
- Authentification via github account does not work HOT 1
- stop using TLS-SNI-01 for domain validation so https will keep working HOT 3
- fix on save bug with specific map block
- investigate python 2.x dependency introduced by sass HOT 3
- no such file main.handlebars with node v12.3.0
- specify node version HOT 2
- document new docker container feature for local dev HOT 2
- remove bundle from github HOT 1
- block does not render, local files issue
- Bump magic-sandbox HOT 1
- TypeError: Cannot read property 'collection' of null HOT 10
- [code editor] Font size
- update Github auth to Basic Authentication HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from blockbuilder.