Last active
March 21, 2025 09:56
-
-
Save lincolnaleixo/a081f76986fac0e4dc8d95479239f2d4 to your computer and use it in GitHub Desktop.
lets encrypt + nginx for https
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| DOMAIN="domain.com” | |
| LOCAL_PORT="3000" | |
| EMAIL="email@gmail.com” | |
| echo "Starting setup for $DOMAIN pointing to localhost:$LOCAL_PORT" | |
| sudo apt update | |
| sudo apt install -y nginx certbot python3-certbot-nginx | |
| echo "Creating Nginx configuration for $DOMAIN..." | |
| sudo bash -c "cat > /etc/nginx/sites-available/$DOMAIN << 'EOF' | |
| server { | |
| listen 80; | |
| server_name $DOMAIN; | |
| location / { | |
| proxy_pass http://localhost:$LOCAL_PORT; | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade \$http_upgrade; | |
| proxy_set_header Connection 'upgrade'; | |
| proxy_set_header Host \$host; | |
| proxy_set_header X-Real-IP \$remote_addr; | |
| proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto \$scheme; | |
| proxy_cache_bypass \$http_upgrade; | |
| } | |
| } | |
| EOF" | |
| echo "Enabling the site..." | |
| if [ -f "/etc/nginx/sites-enabled/$DOMAIN" ]; then | |
| echo "Symlink already exists, skipping..." | |
| else | |
| sudo ln -s /etc/nginx/sites-available/$DOMAIN /etc/nginx/sites-enabled/ | |
| fi | |
| echo "Testing Nginx configuration..." | |
| sudo nginx -t | |
| echo "Reloading Nginx..." | |
| sudo systemctl reload nginx | |
| echo "Obtaining SSL certificate for $DOMAIN..." | |
| sudo certbot --nginx --non-interactive --agree-tos --email "$EMAIL" --redirect -d "$DOMAIN" | |
| echo "Setup complete! Your service should now be available at https://$DOMAIN" | |
| echo "Checking response headers from $DOMAIN..." | |
| curl -I "https://$DOMAIN" | |
| echo "Starting test HTTP server on port $LOCAL_PORT..." | |
| python3 -c ' | |
| import http.server, socketserver | |
| handler = http.server.SimpleHTTPRequestHandler | |
| def custom_get(self): | |
| self.send_response(200) | |
| self.send_header("Content-type", "text/html") | |
| self.end_headers() | |
| self.wfile.write(b"<html><body><h1>SSL Certificate Test - Working!</h1><p>Certificate and Nginx proxy are working correctly.</p></body></html>") | |
| handler.do_GET = custom_get | |
| with socketserver.TCPServer(("", '$LOCAL_PORT'), handler) as httpd: | |
| print("Press CTRL+C to stop the server.") | |
| httpd.serve_forever() | |
| ' | |
| echo "Script complete!" |
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
implemented http server to test it globally