Skip to content

Commit

Permalink
final update certbot and nginx conf
Browse files Browse the repository at this point in the history
  • Loading branch information
sahil-sagwekar2652 committed Apr 24, 2024
1 parent 8cf8711 commit b5ef9f1
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 66 deletions.
46 changes: 0 additions & 46 deletions .github/workflows/meshmap.yml

This file was deleted.

10 changes: 7 additions & 3 deletions docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ services:
nginx:
depends_on:
- flask_blog
- certbot
image: nginx:stable
restart: always
links:
Expand All @@ -12,12 +11,17 @@ services:
- 443:443
volumes:
- ./nginx/:/etc/nginx/conf.d/:ro
- ./certbot/www:/var/www/certbot/:ro
- ./certbot/www/:/var/www/certbot/:ro
# - ./certbot/conf/:/etc/nginx/ssl/:ro
- ./certbot/conf/:/etc/letsencrypt:ro # mounting the folder to the nginx container

certbot:
image: certbot/certbot:latest
depends_on:
- nginx
command: certonly --reinstall --webroot --webroot-path=/var/www/certbot --email [email protected] --agree-tos --no-eff-email -d blog.sahilsagwekar.co
volumes :
- ./certbot/www:/var/www/certbot/:rw
- ./certbot/www/:/var/www/certbot/:rw
- ./certbot/conf/:/etc/letsencrypt/:rw

db:
Expand Down
46 changes: 29 additions & 17 deletions nginx/nginx.conf
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
upstream flask_blog {
upstream flask_app {
server flask_blog:5000;
}

Expand All @@ -7,30 +7,42 @@ server {
listen [::]:80;

server_name blog.sahilsagwekar.co;
server_tokens off;

location /.well-known/acme-challenge/ {
root /var/www/certbot;
}

location / {
return 301 https://blog.sahilsagwekar.co$request_uri;
}
# server_tokens off;
#
# location /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
#
# location / {
# proxy_pass http://flask_app;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Host $host;
# proxy_redirect off;
# }

return 301 https://blog.sahilsagwekar.co$request_uri;
}

server {
listen 443 default_server ssl http2;
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name blog.sahilsagwekar.co;

ssl_certificate /etc/nginx/ssl/live/blog.sahilsagwekar.co/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/blog.sahilsagwekar.co/privkey.pem;
# ssl_certificate /etc/nginx/ssl/live/blog.sahilsagwekar.co/fullchain.pem;
# ssl_certificate_key /etc/nginx/ssl/live/blog.sahilsagwekar.co/privkey.pem;

ssl_certificate /etc/letsencrypt/live/blog.sahilsagwekar.co/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.sahilsagwekar.co/privkey.pem;

location /.well-known/acme-challenge/ {
root /var/www/certbot;
}

location / {
proxy_pass http://flask_blog;
proxy_pass http://flask_app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto https;
# proxy_redirect off;
}
}

0 comments on commit b5ef9f1

Please sign in to comment.