diff --git a/README.md b/README.md index 5f9b21b..4fc6666 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ This is because SSL servers will not start without certificates. We need to bring up servers for certbot challenges. Now launch certbot: ``` +docker-compose up -d docker-compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d www.vostan.org -d drive.vostan.org ``` If dry run is successful then generate certificates removing --dry-run. diff --git a/sites/drive.vostan.org b/sites/drive.vostan.org index eca9a89..25ef51f 100644 --- a/sites/drive.vostan.org +++ b/sites/drive.vostan.org @@ -14,13 +14,13 @@ ## server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; + http2 on; server_name drive.vostan.org; # SSL configuration # - ssl on; ssl_certificate /etc/nginx/ssl/live/www.vostan.org/fullchain.pem; ssl_certificate_key /etc/nginx/ssl/live/www.vostan.org/privkey.pem; diff --git a/sites/private.vostan.org b/sites/private.vostan.org index 9d2c79a..dc6df89 100644 --- a/sites/private.vostan.org +++ b/sites/private.vostan.org @@ -17,13 +17,13 @@ ## server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; + http2 on; server_name private.vostan.org; # SSL configuration # - ssl on; ssl_certificate /etc/nginx/ssl/live/www.vostan.org/fullchain.pem; ssl_certificate_key /etc/nginx/ssl/live/www.vostan.org/privkey.pem; diff --git a/sites/www.vostan.org b/sites/www.vostan.org index 22e023d..bfd60a3 100644 --- a/sites/www.vostan.org +++ b/sites/www.vostan.org @@ -17,13 +17,13 @@ ## server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; + http2 on; server_name www.vostan.org; # SSL configuration # - ssl on; ssl_certificate /etc/nginx/ssl/live/www.vostan.org/fullchain.pem; ssl_certificate_key /etc/nginx/ssl/live/www.vostan.org/privkey.pem;