Opened 9 months ago
Closed 8 months ago
#89 closed Problem (Works For Me)
Route .well-known through nginx on git server
Reported by: | D Delmar Davis | Owned by: | D Delmar Davis |
---|---|---|---|
Priority: | Important | Milestone: | Make Shit Happen / Own Your Shit. |
Component: | Documentation | Keywords: | letsencrypt |
Cc: | Joe Dumoulin |
Description (last modified by )
Since gitea broke that link we should let the proxy do it. Should also figure out how to make this automatable as manually doing this every 3 months sucks.
Change History (2)
comment:1 Changed 8 months ago by
comment:2 Changed 8 months ago by
Description: | modified (diff) |
---|---|
Resolution: | → Works For Me |
Status: | assigned → closed |
Realized that I was proxying this through apache. Added .well-known to /var/www/html and filtered the proxy.
<VirtualHost *:443> DocumentRoot /var/www/html ServerAdmin don@suspectdevices.com ServerName git.suspectdevices.com ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyPassReverseCookieDomain localhost git.suspectdevices.com SSLCertificateFile /etc/letsencrypt/live/git.suspectdevices.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/git.suspectdevices.com/privkey.pem <Proxy *> Order allow,deny Allow from all </Proxy> ProxyPass /.well-known ! ProxyPass / https://127.0.0.1:3000/ ProxyPassReverse / https://127.0.0.1:3000/ </VirtualHost>
Note: See
TracTickets for help on using
tickets.
https://rajeeshknambiar.wordpress.com/2021/05/08/letsencrypt-certificate-renewal-nginx-with-reverse-proxy/