nginxconfig.io/public/templates/commands.html

<!-- ✔ symlink --><span ng-if="isSymlink()"><!--

--><span class="hljs-comment"># <strong>Virtual host</strong>: create symbolic link</span>
<span class="hljs-section">ln</span> <span class="hljs-attribute">-s</span> /etc/nginx/sites-available/{{ domain() }}.conf /etc/nginx/sites-enabled/{{ domain() }}.conf</span><!--


✔ symlink || ✔ HTTPS --><span ng-if="isSymlink() && ((isHTTPS() && !isSSLProfileModern()) || isCertLetsEncrypt())">

</span><!--


✔ HTTPS --><span ng-if="isHTTPS() && !isSSLProfileModern()"><!--

--><span class="hljs-comment"># <strong>HTTPS</strong>: create Diffie-Hellman keys</span>
<span class="hljs-section">openssl dhparam</span> <span class="hljs-attribute">-dsaparam</span> <span class="hljs-attribute">-out</span> /etc/nginx/dhparam.pem <span class="hljs-number">{{ isSSLProfileOld() ? 1024 : 2048 }}</span><!--

--><span ng-if="isCertLetsEncrypt()">

</span></span><!--


✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()"><!--
--><span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): create ACME-challenge common directory</span>
<span class="hljs-section">sudo</span> <span class="hljs-attribute">-u</span> {{ data.user }} <span class="hljs-section">sh</span> <span class="hljs-attribute">-c</span> "<span class="hljs-section">mkdir</span> <span class="hljs-attribute">-p</span> /var/www/_letsencrypt"

<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): disable SSL directives</span>
<span class="hljs-section">sed</span> <!--
--><span class="hljs-attribute">-i</span> <!--
--><span class="hljs-attribute">-r</span> <!--
-->'s/listen (.*)443/listen \1443;#/g; s/ssl_(certificate|certificate_key|trusted_certificate) /#;#ssl_\1/g' <!--
-->/etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ domain() }}.conf

<span class="hljs-comment"># <strong>HTTPS - certbot</strong>: obtain certificates</span>
<span class="hljs-section">certbot certonly</span> <!--
--><span class="hljs-attribute">--webroot</span> <!--
--><span ng-if="isNonWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> {{ domain() }} </span><!--
--><span ng-if="isWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> www.{{ domain() }} </span><!--
--><span ng-if="isCDN()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> cdn.{{ domain() }} </span><!--
--><span class="hljs-attribute">--email</span> {{ data.email ? data.email : 'info@' + domain() }} <!--
--><span class="hljs-attribute" tooltips tooltip-template="--webroot-path">-w</span> /var/www/_letsencrypt <!--
--><span class="hljs-attribute" tooltips tooltip-template="--non-interactive">-n</span> <!--
--><span class="hljs-attribute">--agree-tos</span> <!--
--><span class="hljs-attribute">--force-renewal</span>

<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (after first run): enable SSL directives</span>
<span class="hljs-section">sed</span> <!--
--><span class="hljs-attribute">-i</span> <!--
--><span class="hljs-attribute">-r</span> <!--
-->'s/#?;#//g' <!--
-->/etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ domain() }}.conf<!--

--></span>
-												vhost symlink option

											
										
										
											2018-12-01 18:47:16 +00:00
+								<!-- ✔ symlink --><span ng-if="isSymlink()"><!--
-												Change to sites-available instead of sites-enabled (#31)

* change from sites-enabled to sites-available

* add yarn.lock

* removed yarn.lock

* commands fix

* ZIP symbolic link

											
										
										
											2018-11-20 13:12:25 +00:00
 								--><span class="hljs-comment"># <strong>Virtual host</strong>: create symbolic link</span>
 								<span class="hljs-section">ln</span> <span class="hljs-attribute">-s</span> /etc/nginx/sites-available/{{ domain() }}.conf /etc/nginx/sites-enabled/{{ domain() }}.conf</span><!--
-												vhost symlink option

											
										
										
											2018-12-01 18:47:16 +00:00
+								✔ symlink || ✔ HTTPS --><span ng-if="isSymlink() && ((isHTTPS() && !isSSLProfileModern()) || isCertLetsEncrypt())">
-												Change to sites-available instead of sites-enabled (#31)

* change from sites-enabled to sites-available

* add yarn.lock

* removed yarn.lock

* commands fix

* ZIP symbolic link

											
										
										
											2018-11-20 13:12:25 +00:00
 								</span><!--
-												implemented SSL profiles (with HSTS)
based on Mozilla SSL Configuration Generator and hstspreload.org

											
										
										
											2018-03-10 12:39:05 +00:00
+								✔ HTTPS --><span ng-if="isHTTPS() && !isSSLProfileModern()"><!--
-												WordPress: fix CVE-2018-6389

											
										
										
											2018-02-21 00:54:13 +00:00
 								--><span class="hljs-comment"># <strong>HTTPS</strong>: create Diffie-Hellman keys</span>
-												implemented SSL profiles (with HSTS)
based on Mozilla SSL Configuration Generator and hstspreload.org

											
										
										
											2018-03-10 12:39:05 +00:00
+								<span class="hljs-section">openssl dhparam</span> <span class="hljs-attribute">-dsaparam</span> <span class="hljs-attribute">-out</span> /etc/nginx/dhparam.pem <span class="hljs-number">{{ isSSLProfileOld() ? 1024 : 2048 }}</span><!--
-												major refactor

											
										
										
											2018-02-18 13:02:11 +00:00
-												implemented SSL profiles (with HSTS)
based on Mozilla SSL Configuration Generator and hstspreload.org

											
										
										
											2018-03-10 12:39:05 +00:00
+								--><span ng-if="isCertLetsEncrypt()">
-												WordPress: fix CVE-2018-6389

											
										
										
											2018-02-21 00:54:13 +00:00
-												implemented SSL profiles (with HSTS)
based on Mozilla SSL Configuration Generator and hstspreload.org

											
										
										
											2018-03-10 12:39:05 +00:00
+								</span></span><!--
-												WordPress: fix CVE-2018-6389

											
										
										
											2018-02-21 00:54:13 +00:00
-												major refactor

											
										
										
											2018-02-18 13:02:11 +00:00
-												implemented SSL profiles (with HSTS)
based on Mozilla SSL Configuration Generator and hstspreload.org

											
										
										
											2018-03-10 12:39:05 +00:00
+								✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()"><!--
-												sed commands for SSL directives disable/enable

											
										
										
											2018-12-02 16:13:48 +00:00
+								--><span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): create ACME-challenge common directory</span>
-												major refactor

											
										
										
											2018-02-18 13:02:11 +00:00
+								<span class="hljs-section">sudo</span> <span class="hljs-attribute">-u</span> {{ data.user }} <span class="hljs-section">sh</span> <span class="hljs-attribute">-c</span> "<span class="hljs-section">mkdir</span> <span class="hljs-attribute">-p</span> /var/www/_letsencrypt"
-												sed commands for SSL directives disable/enable

											
										
										
											2018-12-02 16:13:48 +00:00
+								<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): disable SSL directives</span>
 								<span class="hljs-section">sed</span> <!--
 								--><span class="hljs-attribute">-i</span> <!--
 								--><span class="hljs-attribute">-r</span> <!--
 								-->'s/listen (.*)443/listen \1443;#/g; s/ssl_(certificate|certificate_key|trusted_certificate) /#;#ssl_\1/g' <!--
 								-->/etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ domain() }}.conf
 								<span class="hljs-comment"># <strong>HTTPS - certbot</strong>: obtain certificates</span>
-												certbot command fixes

											
										
										
											2018-03-10 11:33:23 +00:00
+								<span class="hljs-section">certbot certonly</span> <!--
 								--><span class="hljs-attribute">--webroot</span> <!--
 								--><span ng-if="isNonWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> {{ domain() }} </span><!--
 								--><span ng-if="isWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> www.{{ domain() }} </span><!--
 								--><span ng-if="isCDN()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> cdn.{{ domain() }} </span><!--
-												Let's Encrypt: info@

											
										
										
											2018-08-28 19:57:21 +00:00
+								--><span class="hljs-attribute">--email</span> {{ data.email ? data.email : 'info@' + domain() }} <!--
-												certbot command fixes

											
										
										
											2018-03-10 11:33:23 +00:00
+								--><span class="hljs-attribute" tooltips tooltip-template="--webroot-path">-w</span> /var/www/_letsencrypt <!--
 								--><span class="hljs-attribute" tooltips tooltip-template="--non-interactive">-n</span> <!--
 								--><span class="hljs-attribute">--agree-tos</span> <!--
-												sed commands for SSL directives disable/enable

											
										
										
											2018-12-02 16:13:48 +00:00
+								--><span class="hljs-attribute">--force-renewal</span>
 								<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (after first run): enable SSL directives</span>
 								<span class="hljs-section">sed</span> <!--
 								--><span class="hljs-attribute">-i</span> <!--
 								--><span class="hljs-attribute">-r</span> <!--
 								-->'s/#?;#//g' <!--
-												newline fix

											
										
										
											2018-12-02 16:20:43 +00:00
+								-->/etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ domain() }}.conf<!--
-												WordPress: fix CVE-2018-6389

											
										
										
											2018-02-21 00:54:13 +00:00
-												fallback refactor

											
										
										
											2018-06-11 22:41:57 +00:00
+								--></span>