신규 웹사이트 SSL 설정 하는법
2024. 1. 8. 01:57ㆍ백엔드/Docker & K8S
Certbot 설정
sudo certbot certonly --nginx -d '사이트주소'
nginx conf 만들기
server {
server_name 서버이름(도메인); # managed by Certbot
location / {
proxy_pass 포워드 시킬곳;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/서버이름(도메인)/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/서버이름(도메인)/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = 서버이름(도메인)) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name 서버이름(도메인);
return 404; # managed by Certbot
}심볼릭 링크 만들기
sudo ln -s /etc/nginx/sites-available/파일명.conf /etc/nginx/sites-enabled/파일명.conf
'백엔드 > Docker & K8S' 카테고리의 다른 글
| [Volume , Bind mount] 데이터 영구적으로 보관하기 (0) | 2023.10.28 |
|---|