Ceci est une ancienne révision du document !
# mkdir /srv/repair-cafe.liberespace.org
# editor /etc/nginx/sites-available/repair-cafe.liberespace.org.conf
server { listen 80; listen [::]:80; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; root /srv/repair-cafe.liberespace.org; index index.html; location / { try_files $uri $uri/ =404; } }
# ln -s /etc/nginx/sites-available/repair-cafe.liberespace.org.conf /etc/nginx/sites-enabled/
# nginx -t
# cp /var/www/html/index.nginx-debian.html /srv/repair-cafe.liberespace.org/index.html
# systemctl reload nginx
# certbot certonly --nginx --agree-tos --email root@liberespace.org -d repair-cafe.liberespace.org -n
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for repair-cafe.liberespace.org Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/repair-cafe.liberespace.org/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/repair-cafe.liberespace.org/privkey.pem Your cert will expire on 2018-03-15. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
# editor /etc/nginx/sites-available/repair-cafe.liberespace.org.conf
server { listen 80; listen [::]:80; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; return 301 https://repair-cafe.liberespace.org$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; root /srv/repair-cafe.liberespace.org; index index.html; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_certificate /etc/letsencrypt/live/repair-cafe.liberespace.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/repair-cafe.liberespace.org/privkey.pem; location / { try_files $uri $uri/ =404; } }
# nginx -t
# systemctl reload nginx
# apt install php7.0-fpm php7.0-gd php7.0-xml
Lecture des listes de paquets... Fait Construction de l'arbre des dépendances Lecture des informations d'état... Fait Le paquet suivant a été installé automatiquement et n'est plus nécessaire : gcc-6-base Veuillez utiliser « apt autoremove » pour le supprimer. Les paquets supplémentaires suivants seront installés : php-common php7.0-cli php7.0-common php7.0-json php7.0-opcache php7.0-readline psmisc Paquets suggérés : php-pear Les NOUVEAUX paquets suivants seront installés : php-common php7.0-cli php7.0-common php7.0-fpm php7.0-gd php7.0-json php7.0-opcache php7.0-readline php7.0-xml psmisc 0 mis à jour, 10 nouvellement installés, 0 à enlever et 12 non mis à jour. Il est nécessaire de prendre 3 868 ko dans les archives. Après cette opération, 15,3 Mo d'espace disque supplémentaires seront utilisés. Souhaitez-vous continuer ? [O/n]
# cat /etc/nginx/sites-available/repair-cafe.liberespace.org.conf
server { listen 80; listen [::]:80; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; return 301 https://repair-cafe.liberespace.org$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; root /srv/repair-cafe.liberespace.org; index index.html; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_certificate /etc/letsencrypt/live/repair-cafe.liberespace.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/repair-cafe.liberespace.org/privkey.pem; location / { try_files $uri $uri/ =404; } }
# sed -i "s#index index.html;#index index.html index.php;#" /etc/nginx/sites-available/repair-cafe.liberespace.org.conf # sed -i "s# location / {# location ~ \.php$ {\n include snippets/fastcgi-php.conf;\n fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;\n }\n\n location / {#" /etc/nginx/sites-available/repair-cafe.liberespace.org.conf # systemctl restart nginx
# cat /etc/nginx/sites-available/repair-cafe.liberespace.org.conf
server { listen 80; listen [::]:80; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; return 301 https://repair-cafe.liberespace.org$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name repair-cafe.liberespace.org; access_log /var/log/nginx/repair-cafe.liberespace.org_access.log; error_log /var/log/nginx/repair-cafe.liberespace.org_error.log; root /srv/repair-cafe.liberespace.org; index index.html index.php; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_certificate /etc/letsencrypt/live/repair-cafe.liberespace.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/repair-cafe.liberespace.org/privkey.pem; location ~ .php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; } location / { try_files $uri $uri/ =404; } }