His Masters' Voices Wiki

よろずのことの書き残し

ユーザ用ツール

サイト用ツール

現在位置: start » server » nginx
server:nginx

差分

このページの2つのバージョン間の差分を表示します。

この比較画面へのリンク

両方とも前のリビジョン前のリビジョン
次のリビジョン		前のリビジョン
server:nginx [2022/07/18 17:54] – [操作ログ] nipa28server:nginx [2022/07/18 18:54] (現在) – [操作ログ] nipa28
行 5: 行 5:
 --- ---
  
-https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04-ja+[Ubuntu 20.04にNginxをインストールする方法](https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04-ja)
  
-https://vpslife.server-memo.net/letsencrypt_nginx/+[【Ubuntu】Let’s Encrypt+nginxでSSL/TLS(https接続)を設定する方法](https://vpslife.server-memo.net/letsencrypt_nginx/)
  
 環境 環境
行 13: 行 13:
  
 VPS, WebARENA indigo, Ubuntu20.04, 1vCPU 1G VPS, WebARENA indigo, Ubuntu20.04, 1vCPU 1G
-DDNS Nowで取得したドメインで接続 +DDNS Nowで取得したドメインで接続 xxx.f5.si, ooo.f5.si
  
 操作ログ 操作ログ
行 28: 行 28:
 ``` ```
  
 +http(暗号化なし)ではつながる。
 {{:server:pasted:20220718-172614.png}} {{:server:pasted:20220718-172614.png}}
  
 +サーバーブロックの設定
  
 ``` ```
-ubuntu@i-12100000390816:~$ sudo mkdir -p /var/www/hmv.f5.si/html +ubuntu@i-12100000390816:~$ sudo mkdir -p /var/www/xxx.f5.si/html 
-ubuntu@i-12100000390816:~$ sudo chown -R $USER:$USER /var/www/hmv.f5.si/html +ubuntu@i-12100000390816:~$ sudo chown -R $USER:$USER /var/www/xxx.f5.si/html 
-ubuntu@i-12100000390816:~$ sudo chmod -R 755 /var/www/hmv.f5.si +ubuntu@i-12100000390816:~$ sudo chmod -R 755 /var/www/xxx.f5.si 
-ubuntu@i-12100000390816:~$ vi /var/www/hmv.f5.si/html/index.html +ubuntu@i-12100000390816:~$ vi /var/www/xxx.f5.si/html/index.html  #効果確認用ページ 
-ubuntu@i-12100000390816:~$ sudo ln -s /etc/nginx/sites-available/hmv.f5.si /etc/nginx/sites-enabled/+ubuntu@i-12100000390816:~$ sudo ln -s /etc/nginx/sites-available/xxx.f5.si /etc/nginx/sites-enabled/
 ubuntu@i-12100000390816:~$ ubuntu@i-12100000390816:~$
 ``` ```
行 49: 行 51:
         index index.html index.htm index.nginx-debian.html;         index index.html index.htm index.nginx-debian.html;
  
-        server_name xxx.f5.si www.hmv.f5.si;+        server_name xxx.f5.si www.xxx.f5.si;
  
         location / {         location / {
行 62: 行 64:
 ubuntu@i-12100000390816:~$ sudo systemctl restart nginx.service ubuntu@i-12100000390816:~$ sudo systemctl restart nginx.service
 ``` ```
 +xxx.f5.si 効果確認用テストページが表示された
 +{{:server:pasted:20220718-175444.png}}
 +ooo.f5.si (xxx.f5.siと同じIP) デフォルトのページが表示された
 +{{:server:pasted:20220718-181553.png}}
  
 +---
  
 +SSL証明書
  
 +xxx.f5.siのSSL証明書を取って、HTTPS接続可能にする。
  
-SSL証明書+``` 
 +ubuntu@i-12100000390816:~$ sudo apt install certbot python3-certbot-nginx 
 +ubuntu@i-12100000390816:~$ sudo certbot --nginx -d xxx.f5.si -m xxx@xxxxxx.co.jp --agree-tos 
 +Saving debug log to /var/log/letsencrypt/letsencrypt.log 
 +Plugins selected: Authenticator nginx, Installer nginx 
 + 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 +Would you be willing to share your email address with the Electronic Frontier 
 +Foundation, a founding partner of the Let's Encrypt project and the non-profit 
 +organization that develops Certbot? We'd like to send you email about our work 
 +encrypting the web, EFF news, campaigns, and ways to support digital freedom. 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 +(Y)es/(N)o: n 
 +Obtaining a new certificate 
 +Performing the following challenges: 
 +http-01 challenge for xxx.f5.si 
 +Waiting for verification... 
 +Cleaning up challenges 
 +Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/xxx.f5.si 
 + 
 +Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 +1: No redirect - Make no further changes to the webserver configuration. 
 +2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for 
 +new sites, or if you're confident your site works on HTTPS. You can undo this 
 +change by editing your web server's configuration. 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 +Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 
 +Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/xxx.f5.si 
 + 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 +Congratulations! You have successfully enabled https://xxx.f5.si 
 + 
 +You should test your configuration at: 
 +https://www.ssllabs.com/ssltest/analyze.html?d=xxx.f5.si 
 +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 + 
 +IMPORTANT NOTES: 
 + - Congratulations! Your certificate and chain have been saved at: 
 +   /etc/letsencrypt/live/xxx.f5.si/fullchain.pem 
 +   Your key file has been saved at: 
 +   /etc/letsencrypt/live/xxx.f5.si/privkey.pem 
 +   Your cert will expire on 2022-10-16. To obtain a new or tweaked 
 +   version of this certificate in the future, simply run certbot again 
 +   with the "certonly" option. To non-interactively renew *all* of 
 +   your certificates, run "certbot renew" 
 + - Your account credentials have been saved in your Certbot 
 +   configuration directory at /etc/letsencrypt. You should make a 
 +   secure backup of this folder now. This configuration directory will 
 +   also contain certificates and private keys obtained by Certbot so 
 +   making regular backups of this folder is ideal. 
 + - If you like Certbot, please consider supporting our work by: 
 + 
 +   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate 
 +   Donating to EFF:                    https://eff.org/donate-le 
 + 
 +ubuntu@i-12100000390816:~$ 
  
 ``` ```
-sudo apt install certbot python3-certbot-nginx + 
-```+できた。 
 + 
 +{{:server:pasted:20220718-180407.png}} 
 + 
 + 
server/nginx.1658134466.txt.gz · 最終更新: 2022/07/18 17:54 by nipa28