-
-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update https.md #244
Update https.md #244
Conversation
Previous version of tutorial is outdated because certbot-auto is deprecated.
Actually you don't need to restart The Lounge after certificate renewal.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I appreciate that you want to make the https configuration easier, but please do so in a Distro agnostic way and in the proper place.
reverse-proxy specific stuff is supposed to go in the reverse proxy documentation.
@@ -7,24 +7,33 @@ description: Easily configure The Lounge to be served over HTTPS for better secu | |||
In this guide, we will see how to easily configure The Lounge to be served over [HTTPS](https://en.wikipedia.org/wiki/HTTPS) for better security and privacy. | |||
|
|||
{: .alert.alert-warning role="alert"} | |||
The Lounge only has basic HTTPS support, and will need to be manually restarted to reload certificates on renewal. For advanced HTTPS support, consider [using a reverse proxy](/docs/guides/reverse-proxies). | |||
The Lounge only has basic HTTPS support. | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't remove the reverse proxy docs, that's actually what should be referred to, not just an nginx config that only works on some distributions.
|
||
1. Install nginx with `sudo apt install nginx`. | ||
2. Create configuration file for your domain with `sudo nano /etc/nginx/sites-available/thelounge.example.com` | ||
3. Paste code below: | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not an improvement over the reverse proxy docs, you are essentially writing an opinionated guide that only works on Debian / Ubuntu specific distros.
/etc/nginx/sites-enabled/
doesn't do anything if you don't have nginx setup to include those configs.
/etc/nginx/sites-available
is just an admin convention, nginx doesn't care about it.
5. Enable the configuration file with `sudo ln -s /etc/nginx/sites-available/thelounge.example.com /etc/nginx/sites-enabled/thelounge.example.com` | ||
6. Check the configuration file for errors with `sudo nginx -t` | ||
7. If there's no errors, restart nginx with `sudo systemctl restart nginx` | ||
8. Next, install certbot with `sudo apt install certbot python3-certbot-nginx` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
debian / ubuntu specific things again
Closing this, as it seems stalled and is too distro specific to be merged as is. |
Previous version of tutorial is outdated because certbot-auto is deprecated.
I forgot to say you don't need to restart The Lounge after certificate renewal. :/
Tested on Ubuntu 20.04 VPS. Hence
apt
is my package manager.