diff --git a/docs/best-practices/testing/how-to-go-live-with-your-hypernode.md b/docs/best-practices/testing/how-to-go-live-with-your-hypernode.md index 64efc9a6..c7d8aa07 100644 --- a/docs/best-practices/testing/how-to-go-live-with-your-hypernode.md +++ b/docs/best-practices/testing/how-to-go-live-with-your-hypernode.md @@ -73,17 +73,6 @@ Flush the cache of Magento on the Hypernode. (`magerun cache:flush`) ## Step 7: Set up Hypernode Managed Vhosts -The Hypernode Managed Vhosts (HMV) system is currently enabled by default on all new booted Hypernodes (all Hypernodes created after 01-05-2020). - -Check if you have HMV enabled by running this command: - -```console -app@abcdef-example-magweb-cmbl:~$ hypernode-systemctl settings managed_vhosts_enabled -managed_vhosts_enabled is set to value True -``` - -If this is not enabled, skip the part below. - Due to this configuration it is required to add a new vhost for every domain you want to link to your Hypernode. So you need to configure your DNS correctly and add a new vhost for the domain. To add a new vhost, for example the domainname [www.example.com](http://www.example.com), to your configuration, you can simply run the command `hypernode-manage-vhosts www.example.com`. This will create a new vhost configuration in `/data/web/nginx/www.example.com/`, using the Magento 2 template. diff --git a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-3-on-hypernode.md b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-3-on-hypernode.md index 3963a35f..c8a4ad9a 100644 --- a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-3-on-hypernode.md +++ b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-3-on-hypernode.md @@ -14,13 +14,9 @@ redirect_from: Akeneo 3 preferably requires a Hypernode Pelican L, Falcon M, Eagle M hosting plan or larger. You can either choose to install it on a seperate Hypernode instance or on the same Hypernode as your Magento or Shopware installation. If you choose the latter you have to make sure that you have enough resources (disk space, memory and CPU) left. Furthermore you need to make sure that you are already using **MySQL 5.7, PHP 7.2 and Elasticsearch 6.x**, so it won’t affect your shop negatively. Installing Akeneo version 3.x may take up to 15 minutes. -## Enable managed_vhosts +## Managed Vhosts -All new Hypernodes (from April 2020) will automatically be booted with [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). If you already have an older Hypernode, then you need to enable Hypernode Managed Vhosts by running the following command: - -```bash -hypernode-systemctl settings managed_vhosts_enabled True -``` +Hypernode uses [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). Ensure you have a vhost for your Akeneo domain. ## Create a Managed_vhost for a (Sub)Domain diff --git a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-4-on-hypernode.md b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-4-on-hypernode.md index c8c506f6..0117fa67 100644 --- a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-4-on-hypernode.md +++ b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-4-on-hypernode.md @@ -15,13 +15,9 @@ redirect_from: Akeneo 4 preferably requires a Hypernode Pelican L, Falcon M, Eagle M hosting plan or larger. You can either choose to install it on a seperate Hypernode instance or on the same Hypernode as your Magento or Shopware installation. If you choose the latter you have to make sure that you have enough resources (disk space, memory and CPU) left. Furthermore you need to make sure that you are already using **MySQL 8.0, PHP 7.3 and Elasticsearch 7.x**, so it won’t affect your shop negatively. Installing Akeneo version 4.x may take up to 15 minutes. -## Enable managed_vhosts +## Managed Vhosts -All new Hypernodes (from April 2020) will automatically be booted with [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). If you already have an older Hypernode, then you need to enable Hypernode Managed Vhosts by running the following command: - -```bash -hypernode-systemctl settings managed_vhosts_enabled True -``` +Hypernode uses [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). Ensure you have a vhost for your Akeneo domain. ## Create a Managed_vhost for a (Sub)Domain diff --git a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-5-on-hypernode.md b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-5-on-hypernode.md index 406578aa..20b6c6e8 100644 --- a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-5-on-hypernode.md +++ b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-5-on-hypernode.md @@ -14,13 +14,9 @@ redirect_from: Akeneo 5 preferably requires a Hypernode Pelican L, Falcon M, Eagle M hosting plan or larger. You can either choose to install it on a seperate Hypernode instance or on the same Hypernode as your Magento or Shopware installation. If you choose the latter you have to make sure that you have enough resources (disk space, memory and CPU) left. Furthermore you need to make sure that you are already using **MySQL 8.0, PHP 7.4 and Elasticsearch 7.x**, so it won’t affect your shop negatively. Installing Akeneo version 5.x may take up to 15 minutes. -## Enable managed_vhosts +## Managed Vhosts -All new Hypernodes (from April 2020) will automatically be booted with [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). If you already have an older Hypernode, then you need to enable Hypernode Managed Vhosts by running the following command: - -```bash -hypernode-systemctl settings managed_vhosts_enabled True -``` +Hypernode uses [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). Ensure you have a vhost for your Akeneo domain. ## Create a Managed_vhost for a (Sub)Domain diff --git a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-6-on-hypernode.md b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-6-on-hypernode.md index f8c002ec..59ed60e4 100644 --- a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-6-on-hypernode.md +++ b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-6-on-hypernode.md @@ -14,13 +14,9 @@ redirect_from: Akeneo 6 preferably requires a Hypernode Pelican L, Falcon M, Eagle M hosting plan or larger. You can either choose to install it on a seperate Hypernode instance or on the same Hypernode as your Magento or Shopware installation. If you choose the latter you have to make sure that you have enough resources (disk space, memory and CPU) left. Furthermore you need to make sure that you are already using **MySQL 8.0, PHP 8.0 and Elasticsearch 7.x**, so it won’t affect your shop negatively. Installing Akeneo version 6.x may take up to 15 minutes. -## Enable managed_vhosts +## Managed Vhosts -All new Hypernodes (from April 2020) will automatically be booted with [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). If you already have an older Hypernode, then you need to enable Hypernode Managed Vhosts by running the following command: - -```bash -hypernode-systemctl settings managed_vhosts_enabled True -``` +Hypernode uses [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). Ensure you have a vhost for your Akeneo domain. ## Create a Managed_vhost for a (Sub)Domain diff --git a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-7-on-hypernode.md b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-7-on-hypernode.md index 2124a00b..f4918d18 100644 --- a/docs/ecommerce-applications/akeneo/how-to-install-akeneo-7-on-hypernode.md +++ b/docs/ecommerce-applications/akeneo/how-to-install-akeneo-7-on-hypernode.md @@ -15,13 +15,9 @@ redirect_from: Akeneo 7 preferably requires a Hypernode Pelican L, Falcon M, Eagle M hosting plan or larger. You can either choose to install it on a seperate Hypernode instance or on the same Hypernode as your Magento or Shopware installation. If you choose the latter you have to make sure that you have enough resources (disk space, memory and CPU) left. Furthermore you need to make sure that you are already using **MySQL 8.0, PHP 8.1 and OpenSearch 2.x**, so it won’t affect your shop negatively. Installing Akeneo version 7.x may take up to 15 minutes.\ **Important note: Akeneo 7.x requires MySQL 8.0.30, which is only available on Debian Bookworm.** -## Enable managed_vhosts +## Managed Vhosts -All new Hypernodes (from April 2020) will automatically be booted with [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). If you already have an older Hypernode, then you need to enable Hypernode Managed Vhosts by running the following command: - -```bash -hypernode-systemctl settings managed_vhosts_enabled True -``` +Hypernode uses [Hypernode Managed Vhosts](../../hypernode-platform/nginx/hypernode-managed-vhosts.md). Ensure you have a vhost for your Akeneo domain. ## Create a Managed_vhost for a (Sub)Domain diff --git a/docs/getting-started/how-to-order/how-to-get-started-with-your-hypernode-trial.md b/docs/getting-started/how-to-order/how-to-get-started-with-your-hypernode-trial.md index 86fc71db..70e7633d 100644 --- a/docs/getting-started/how-to-order/how-to-get-started-with-your-hypernode-trial.md +++ b/docs/getting-started/how-to-order/how-to-get-started-with-your-hypernode-trial.md @@ -71,18 +71,6 @@ In our support documentation you will find detailed information about installing ### Step 4 – Set up Hypernode Managed Vhosts -The Hypernode Managed Vhosts (HMV) system is currently enabled by default on all new booted Hypernodes (all Hypernodes created after 01-05-2020). - -Check if you have HMV enabled by running this command: - -`hypernode-systemctl settings managed_vhosts_enabled` - -If so, it will give the following output: - -`managed_vhosts_enabled is set to value True` - -If this is not enabled, skip the part below. - Due to this configuration it is required to add a new vhost for every domain you want to link to your Hypernode. So you need to configure your DNS correctly and add a new vhost for the domain. To add a new vhost, for example the domainname [www.example.com](http://www.example.com), to your configuration, you can simply run the command `hypernode-manage-vhosts www.example.com`. This will create a new vhost configuration in `/data/web/nginx/www.example.com/`, using the Magento 2 template. diff --git a/docs/hypernode-platform/dns/how-to-manage-your-dns-settings-for-hypernode.md b/docs/hypernode-platform/dns/how-to-manage-your-dns-settings-for-hypernode.md index 45a57811..8b256e94 100644 --- a/docs/hypernode-platform/dns/how-to-manage-your-dns-settings-for-hypernode.md +++ b/docs/hypernode-platform/dns/how-to-manage-your-dns-settings-for-hypernode.md @@ -129,19 +129,7 @@ Don’t fancy these solutions? Migrate your domain to Hypernode and let us manag ## DNS and Hypernode Managed Vhosts -The Hypernode Managed Vhosts (HMV) system is currently enabled by default on all newly booted Hypernodes (all Hypernodes created after 01-05-2020). - -Check if you have HMV enabled by running this command: - -`hypernode-systemctl settings managed_vhosts_enabled` - -If so, it will give the following output: - -`managed_vhosts_enabled is set to value True` - -If this isn't enabled, you can just skip the part below. - -Due to this configuration, it is required to add a new vhost for every domain you want to link to your Hypernode. So you need to configure your DNS correctly and add a new vhost for the domain. +With Hypernode Managed Vhosts (HMV), you must add a new vhost for every domain you want to link to your Hypernode. So you need to configure your DNS correctly and add a new vhost for the domain. To add a new vhost, for example the domain name `www.example.com`, to your configuration, you can run the command `hypernode-manage-vhosts www.example.com`. This will create a new vhost configuration in `/data/web/nginx/www.example.com/`, using the Magento 2 template. diff --git a/docs/hypernode-platform/nginx/how-to-configure-your-shop-to-only-use-https.md b/docs/hypernode-platform/nginx/how-to-configure-your-shop-to-only-use-https.md index 50cf12d1..ceaabdb9 100644 --- a/docs/hypernode-platform/nginx/how-to-configure-your-shop-to-only-use-https.md +++ b/docs/hypernode-platform/nginx/how-to-configure-your-shop-to-only-use-https.md @@ -24,41 +24,13 @@ You can find more in-depth information in [this article about SSL on Hypernode]( Please check out [this article](../ssl/how-to-use-ssl-certificates-on-your-hypernode-when-ordered-via-hypernode-com.md) for the different SSL options when you use the Hypernode Control Panel. -## Order Let’s Encrypt Certificates - -### On Hypernodes With Hypernode Managed Vhosts Enabled - -**Please note: If you want to use Let’s Encrypt and have the Hypernode Managed Vhosts (HMV) system enabled, you need to configure LE during the creation of the vhost. Using the old method with dehydrated won't work!** - -First, check if HMV is enabled on your Hypernode: - -`hypernode-systemctl settings managed_vhosts_enabled` - -If so, it will give the following output: - -`managed_vhosts_enabled is set to value True` +## How to Use Let’s Encrypt (LE) Certificates If you want to request a LE certificate you need to add the `--https` flag with the HMV-command. `hypernode-manage-vhosts www.example.com --https --force-https` -This command will not only request a LE Certificate but because of the --force-https flag it will also redirects all traffic for that specific vhost to HTTPS. - -### On Hypernodes Without Hypernode Managed Vhosts Enabled - -To order [Let’s Encrypt](../ssl/how-to-use-lets-encrypt-on-hypernode.md) certificates for all storefronts, use the following command: - -```bash -## Create an entry for each storefront -for DOMAIN in $( n98-magerun sys:store:config:base-url:list --format=csv | sed 1d | cut -d , -f 3 | perl -pe "s/https?://(www.)?//" | tr -d "/" | sort -u ); do - echo -e "$DOMAIN www.${DOMAIN}" >> ~/.dehydrated/domains.txt -done - -## Order the certificates -dehydrated -c --create-dirs -``` - -Don’t forget to [add the cron to renew your certificates](../ssl/how-to-use-lets-encrypt-on-hypernode.md) to the crontab if you are using Let’s Encrypt! +This command will not only request a LE Certificate but, because of the --force-https flag, it will also redirect all traffic for that specific vhost to HTTPS. ## Changing Your Base URLs @@ -79,17 +51,9 @@ If this is done by Magento, the database and PHP are used for making this redire This is why we must configure this in Nginx, so the redirect does not use unnecessary resources. -Run the following command to add the configuration to Nginx that routes all traffic over HTTPS: +Run the following command to configure a vhost to automatically redirect all traffic to HTTPS: -Create the following file at `/data/web/nginx/public.ssl_redirect.conf`: - -```nginx -if ($scheme = http) { - return 301 https://$host$request_uri; -} -``` - -**Please note that if you have [Hypernode Managed Vhosts](hypernode-managed-vhosts.md) enabled, you can skip this.** +`hypernode-manage-vhosts www.example.com --https --force-https` ## Check Settings of Third Party Solutions diff --git a/docs/hypernode-platform/nginx/how-to-redirect-from-or-to-www.md b/docs/hypernode-platform/nginx/how-to-redirect-from-or-to-www.md index 379558b3..0f7f094a 100644 --- a/docs/hypernode-platform/nginx/how-to-redirect-from-or-to-www.md +++ b/docs/hypernode-platform/nginx/how-to-redirect-from-or-to-www.md @@ -24,7 +24,7 @@ More info can be found [on our page about setting your DNS](../dns/how-to-manage ## Redirect From Apex to WWW -**When hypernode-managed-vhosts enabled** +**When Hypernode Managed Vhosts is enabled** To redirect all traffic to www you have to create both a vhost for the Apex and for the `www`. For the non-www vhost you can create the vhost as type wwwizer. This will redirect all traffic to the `www`. version of that vhost. This can be achieved by running: `hypernode-manage-vhosts example.com --type wwwizer`. @@ -34,18 +34,6 @@ To redirect all traffic to www you have to create both a vhost for the Apex and | www.example.com | magento2 | False | False | False | False | intermediate | ``` -**Without hypernode-manage-vhosts enabled (old legacy nginx-config)** - -You can redirect all traffic to www with the following Nginx snippet: - -```nginx -if ($http_host ~* "^example.com$") { - rewrite ^ https://www.$http_host$request_uri; -} -``` - -Save this snippet in `/data/web/nginx/server.rewrites`. - ## Redirect From WWW to Apex To redirect all traffic from www to the apex domain use the following Nginx snippet: diff --git a/docs/hypernode-platform/nginx/hypernode-managed-vhosts.md b/docs/hypernode-platform/nginx/hypernode-managed-vhosts.md index 9c2c1aac..b162afc0 100644 --- a/docs/hypernode-platform/nginx/hypernode-managed-vhosts.md +++ b/docs/hypernode-platform/nginx/hypernode-managed-vhosts.md @@ -60,14 +60,6 @@ Please take not that the webroot option is not used for the built-in staging for **Please note: If you want to use Let’s Encrypt and have the Hypernode Managed Vhosts (HMV) system enabled, you need to configure LE during the creation of the vhost. Using the old method with *dehydrated* won't work!** -First, check if HMV is enabled on your Hypernode: - -`hypernode-systemctl settings managed_vhosts_enabled` - -If so, it will give the following output: - -`managed_vhosts_enabled is set to value True` - If you want to request a LE certificate you need to add the `--https` flag with the HMV-command. `hypernode-manage-vhosts www.example.com --https --force-https` @@ -114,7 +106,7 @@ hypernode-manage-vhosts example.com --object-storage-defaults ### Vhost-specific configuration -Once you have setup a vhost, say [www.example.com](http://www.example.com), you can place your domain specific configuration in its configuration folder, /data/web/nginx/[www.example.com](http://www.example.com). You can do this the same way you configured your legacy, or global configuration. Simply place a file with a `server.` prefix, and it will be included in the vhost's server {} configuration block. You can also still use the `public.` and `staging.` prefixes, if you wish to have public, or staging, specific configuration. +Once you have setup a vhost, say [www.example.com](http://www.example.com), you can place your domain specific configuration in its configuration folder, /data/web/nginx/[www.example.com](http://www.example.com). You can do this the same way you configure your global configuration. Simply place a file with a `server.` prefix, and it will be included in the vhost's server {} configuration block. You can also still use the `public.` and `staging.` prefixes, if you wish to have public, or staging, specific configuration. Please note that any files with the 'HTTP.' prefix will also be loaded in the HTTP context. Nginx, however, only has a single http context. As such, any http configuration placed in a vhost, will also be loaded for all other vhosts. ### Global configuration @@ -132,43 +124,3 @@ If you are running into issues (e.g. SSL or other configuration errors) with Hyp `hypernode-manage-vhosts --all` This regenerates the HMV configuration based on what is set in `hypernode-manage-vhosts --list` and in our experience resolves most basic issues with Hypernode Managed Vhosts. - -## Enabling Managed Vhosts - -The Hypernode Managed Vhosts (HMV) system is currently enabled by default on all new booted Hypernodes. - -However if you have a Hypernode created before 01-05-2020 your Hypernode may still be running in 'legacy' mode. To enable the HMV you can run the command: - -`hypernode-systemctl settings managed_vhosts_enabled True`. - -This will convert your current legacy config into the HMV config. It will also convert all currently active vhosts into managed vhosts. - -Please note that while switching to HMV is very easy, there are a few things to check after switching to make sure everything works, as not every setting is automatically transferred. - -Run `hypernode-manage-vhosts --list` to get an overview of your current configuration and use the list below to check if it's correct. Not everything will apply to your Hypernode. - -- Make sure your domain is the default server instead of the Hypernode. You can do this by running the following command: - -`hypernode-manage-vhosts www.example.com --default-server` - -- Configure the vhosts to only use HTTPS. If you already have an SSL certificate configured and you don't want to use Let's Encrypt, use this command: - -`hypernode-manage-vhosts www.example.com --https --force-https --ssl-noclobber` - -This will make sure you won't overwrite the existing SSL certificate. - -If you do want to configure Let's Encrypt for the vhost you can use this command: - -`hypernode-manage-vhosts www.example.com --https --force-https` - -- If you make use of Varnish, make sure to enable Varnish for the specific vhosts: - -`hypernode-manage-vhosts www.example.com --varnish` - -- Want to redirect all traffic over www? Set up your naked domains to be wwwizers, with this command: - -`hypernode-manage-vhosts --type wwwizer [example.com](//example.com)` - -Please make sure to also double check your custom Nginx configurations, as these might not be converted automatically. - -You can always use `hypernode-manage-vhosts --help` to get more information on the different configurations. diff --git a/docs/hypernode-platform/ssl/how-to-upgrade-your-ssl-settings-to-an-a.md b/docs/hypernode-platform/ssl/how-to-upgrade-your-ssl-settings-to-an-a.md index 2447f872..02bd2a40 100644 --- a/docs/hypernode-platform/ssl/how-to-upgrade-your-ssl-settings-to-an-a.md +++ b/docs/hypernode-platform/ssl/how-to-upgrade-your-ssl-settings-to-an-a.md @@ -35,7 +35,7 @@ It is possible to switch to the [Modern Compatibility Settings](https://wiki.moz #### Mozilla Modern Configuration and Hypernode Managed Vhosts -The Hypernode Managed Vhosts (HMV) system is currently enabled by default on all new booted Hypernodes (booted after 01-05-2020). Read more about HMV [here](../nginx/hypernode-managed-vhosts.md). +Hypernode uses Managed Vhosts (HMV) for per-domain configuration. Read more about HMV [here](../nginx/hypernode-managed-vhosts.md). When you have different vhosts configured, you also need to enable the SSL config **per vhost**. You do this by running this command: diff --git a/docs/hypernode-platform/ssl/how-to-use-lets-encrypt-on-hypernode.md b/docs/hypernode-platform/ssl/how-to-use-lets-encrypt-on-hypernode.md index 3e11147f..483622cd 100644 --- a/docs/hypernode-platform/ssl/how-to-use-lets-encrypt-on-hypernode.md +++ b/docs/hypernode-platform/ssl/how-to-use-lets-encrypt-on-hypernode.md @@ -30,12 +30,7 @@ See their website for more information about how to use [Let's Encrypt](https:// ## Let’s Encrypt and Hypernode Managed Vhosts -**Please note:** If you want to use Let’s Encrypt and have the [Hypernode Managed Vhosts (HMV)](../nginx/hypernode-managed-vhosts.md) system enabled, you need to create a vhost for every domain you want to use Let’s Encrypt on or else it won’t work. - -First, check if HMV is enabled on your Hypernode: -`hypernode-systemctl settings managed_vhosts_enabled` -If so, it will give the following output: -`managed_vhosts_enabled is set to value True` +**Please note:** The [Hypernode Managed Vhosts (HMV)](../nginx/hypernode-managed-vhosts.md) system requires a vhost for every domain you want to use Let’s Encrypt on. Then run this command to set up a vhost for the domain: `hypernode-manage-vhosts www.example.com --https --force-https` This command redirects everything for the domain from http to https and installs a Let’s Encrypt certificate. @@ -50,128 +45,6 @@ If you have Let's Encrypt configured for your vhost, but want to add a third par 1. Install the third party certificate. 1. Run `hypernode-manage-vhosts example.com --https --ssl-noclobber` to configure HTTPS for your vhost without overwriting the third party certificate. -**If Hypernode Managed Vhosts IS NOT ENABLED, you can use the steps below to configure Let’s Encrypt.** - -## Configuration - -To make use of Let's Encrypt on Hypernodes, we installed the [dehydrated](https://github.com/lukas2511/dehydrated) Let's Encrypt client. -This command-line utility orders and renews a certificate through the LE API and stores the retrieved certificates on disk so we can use them in the Nginx configuration. - -### Configure dehydrated - -To configure `dehydrated` to manage SSL certificates for a domain, add the domain to the list of domains in `/data/web/.dehydrated/domains.txt`: - -For example: - -```text -your_hypernode_app_name.hypernode.io -test.domainA.com -staging.domainB.com -``` - -Then run `dehydrated` to request a certificate: - -```bash -dehydrated -c --create-dirs -``` - -This will create a directory tree in `/data/web/certs` with the configured certificates - -*Make sure you add an entry for each domain record you need ssl for. This means that you should add both the `www.example.com` **AND** `example.com` on it's own line to the `domains.txt` file.* - -### Add Existing Let's Encrypt Certificates to Be Renewed by Dehydrated - -If you want to use a different Let’s Encrypt client you can do so as well, just place your cert.pem, chain.pem and fullchain.pem files in the `/data/web/certs` directory in a subdirectory with as name the domain name the certificate is for. - -The directory tree will look like this if you have example.com and example.net: - -```console -app@abcdef-example-magweb-cmbl:~$ find /data/web/certs -example.com/ -example.com/fullchain.pem -example.com/cert.pem -example.com/privkey.pem -example.net/ -example.net/fullchain.pem -example.net/cert.pem -example.net/privkey.pem -``` - -When a certificate is renewed, the old certificate will be renamed to cert-`unique id` for recovery usage. - -## Manually Renew Your Certificates - -To force renewal on your certificates, even when the certificate is longer valid than 30 days, use the `--force` flags: - -```bash -dehydrated -c --force -``` - -**Be careful not to exceed the ratelimits at Let's Encrypt!** - -### Multiple Domains for One Shop - -Both `dehydrated` and out config generator now support multidomain certificates. This implicated that if you want to serve both your `www.` and `apex` domain over SSL, you may add both records on the same line in `.dehydrated/domains.txt` to ensure a valid nginx configuration is created for both domains. - -Example: - -```console -app@abcdef-example-magweb-cmbl:~$ cat ~/.dehydrated/domains.txt -example.hypernode.io -example.com www.example.com test.example.com -example.nl www.example.nl -``` - -### Configure the Hypernode and Magento to Support Let's Encrypt - -After creating certificates you need to update the Nginx configuration. This is done using the script `hypernode-ssl-config-generator`. -When you run this script, an SSL enabled Nginx configuration for your shop is generated in `/data/web/nginx/ssl` - -After creating an Nginx configuration, you should adjust your Magento base URLs to support SSL: - -- For Magento 1: - -```bash -magerun sys:store:config:base-url:set # set your baseurl to secure (https) -magerun cache:clean -``` - -- For Magento 2, check your base-urls with `magerun2 sys:store:config:base-url:list`. Then change the base-url with: - -```bash -cd ~/magento2 -magerun2 config:store:set web/secure/base_url https://my.hypernode.io -magerun2 cache:clean -``` - -Read more [here](../dns/how-to-manage-your-dns-settings-for-hypernode.md). - -Or, additionally you can make use of the scripts we created to change your baseurl provided for [Magento 1](https://gist.github.com/hn-support/0c76ebb5615a5be789997db2ae40bcdd) or for [Magento 2](https://gist.github.com/hn-support/083aabc8f9125b29098454cee1f25c89). - -### Setup a Cron to Automatically Renew Certificates - -To periodically check and renew certificates, create a cronjob running dehydrated: - -```text -PATH="/data/web/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -MAILTO="your@email.com" -0 1 * * * flock -n /data/web/.dehydrated.lock chronic dehydrated --no-lock --cron --create-dirs -``` - -This will check nightly at 1:00 if there are configured certificates that should be renewed. We use the `--no-lock` option so that flock manages the lock file accordingly and we don't use the outdated lock file mechanism of dehydrated. - -## Stop using dehydrated / Cleanup - -If you want to switch to an SSL certificate managed by Hypernode (for example you switch to an SSL EV certificate), you can easily remove the configuration and certificated for Let's Encrypt: - -- Remove the `ssl/` directory in `/data/web/nginx` -- Remove the `certs/` directory in `/data/web/` -- Remove all domains from the `/data/web/.dehydrated/domains.txt` -- Remove the cronjob from your crontab -- Renew the Nginx configuration by running `hypernode-ssl-config-generator` - -If you decide to not use any SSL certificate anymore and switch back to http (not recommended), don't forget to change your Magento base-url settings back to http, please see these docs for [Magento 1](../../ecommerce-applications/magento-1/how-to-change-the-base-url-in-magento-1-x.md) and [Magento 2](../../ecommerce-applications/magento-2/how-to-change-your-magento-2-base-urls.md). - ## Troubleshooting - By default, `dehydrated` renews Let's Encrypt certificates 30 days before expiring.