39 lines
1 KiB
Markdown
39 lines
1 KiB
Markdown
# SSL or HTTPS
|
|
|
|
The other day I successfully set up SSL for the LNBits reverse proxy. Here is
|
|
what I did:
|
|
|
|
- Downloaded the keys for my domain certificates from porkbun.
|
|
- Made the certs available inside the nginx container.
|
|
- Added the following stuff in the config file for nginx.
|
|
|
|
```
|
|
server {
|
|
listen 80;
|
|
server_name lnbits.contrapeso.xyz;
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name lnbits.contrapeso.xyz;
|
|
ssl_certificate /certs/domain.cert.pem;
|
|
ssl_certificate_key /certs/private.key.pem;
|
|
ssl_trusted_certificate /certs/intermediate.cert.pem;
|
|
|
|
location / {
|
|
proxy_pass http://100.93.54.53:3007;
|
|
proxy_set_header Host $host;
|
|
proxy_redirect off;
|
|
}
|
|
}
|
|
```
|
|
|
|
- Profit! http gets forbidden with the first block, and https works with the
|
|
second bit.
|
|
|
|
Also, this
|
|
link (https://stackoverflow.com/questions/63359785/how-to-use-porkbun-ssl-certificate-files-with-nginx)
|
|
has the mapping between how key files are named in nginx and porkbun. It's
|
|
pretty easy to forget the mapping.
|
|
|