This note introduces how to deploy a https-enabled static website with nginx and certbot.
Suppose you already have the nginx package installed in your Linux system.
For a simple static site located at /home/evan/blog/public, we can have it up runing with the a simple configuration located at /etc/nginx/conf.d/your_domain.conf, which writes as
server {
listen 443 ssl;
server_name your_domain;
ssl_certificate /etc/letsencrypt/live/your_domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your_domain/privkey.pem;
root /home/lighthouse/blog/public;
index index.html; # name of index page
location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|pdf|txt){
root /home/lighthouse/blog/public;
} # access to static files
}After your are done editing, don’t forget to run nginx -s reload to apply the new configuration.
If you aim to implement more advanced features, you should add more details or even a couple of more configuration files, please refer to the official nginx documentation.
I believe that now you wonder how to get those SSL certificate and key.
You can require a paid one from some SSL certificate organization. Nevertheless for us non-commercial users, we can simply generate a free certificate by ourselves, with the help of certbot, a certification helper that supports the automatic certification APIs provided by letsencrypt organization.
To generate one, all you need are the certbot installed and a legally owned domain name. The command is as follows
sudo certbot certonly --standalone -d your_domain_nameThere are some points to be aware of:
443 and 80 unoccupied before running the command.nginx, ssl, https, static website, letsencrypt, certbot — Jan 24, 2023
Made with ❤ and at Earth.