# HTTPS: create Diffie-Hellman keys
openssl dhparam -dsaparam -out /etc/nginx/dhparam.pem 4096
# HTTPS: create ACME-challenge common directory
sudo -u {{ data.user }} sh -c "mkdir -p /var/www/_letsencrypt"
# HTTPS: certbot (obtain certificates)
certbot certonly --webroot -d {{ data.domain }} -d www.{{ data.domain }} -d cdn.{{ data.domain }} --email {{ data.email }} -w /var/www/_letsencrypt -n --agree-tos --force-renewal
/etc/nginx/nginx.conf
Copied!
/etc/nginx/sites-enabled/{{ data.domain }}.conf
Copied!
/etc/nginx/_ssl.conf
Copied!
/etc/nginx/_letsencrypt.conf
Copied!
/etc/nginx/_general.conf
Copied!
/etc/nginx/_php.conf
Copied!
/etc/nginx/_php_fastcgi.conf
Copied!
/etc/nginx/_wordpress.conf
Copied!