misc/debian/bullseye/notes/acme.sh.md


Install Acme.sh for nginx

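# Run this first part as root.
apt install socat curl

# acme.sh state directory: it will hold the ACME account key and the
# certificate private keys, so it must stay closed to "other".
# install -d creates it with owner, group and mode in one step.
# Mode 2750 = setgid + rwxr-x---:
#   - the original 740 gave the group read without search (x), which lets
#     group members list names but not open anything;
#   - of the original g+s,o+s,u+s only g+s does anything on a Linux
#     directory (new files inherit the group); setuid and o+s are ignored.
# Use 2700 instead if no other member of the nginx group needs to read it.
install -d -o nginx -g nginx -m 2750 /etc/nginx/acme

# Continue in a shell running as the nginx user.
sudo -s -u nginx

# Download into a private mktemp directory rather than a fixed /tmp/acme.sh:
# a predictable name in a world-writable directory can be pre-created or
# swapped by another local user before it is executed.
dl_dir=$(mktemp -d)
cd "$dl_dir"

# -f: fail on HTTP errors instead of saving an error page as the script;
# --proto/--tlsv1.2: refuse anything but HTTPS over TLS >= 1.2.
# NOTE(review): "master" is a moving ref. Prefer a release tag or commit you
# have reviewed, and read the script before running it.
curl --proto '=https' --tlsv1.2 -fsSL -o acme.sh "https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh"

bash ./acme.sh --home /etc/nginx/acme --install

# The installed copy lives under /etc/nginx/acme; drop the download.
cd / && rm -rf -- "$dl_dir"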

Issue cert

# Work as the nginx user so every file acme.sh writes is owned by it.
sudo -s -u nginx

cd /etc/nginx/acme

# Step 1: trial run. --test asks for the CA's staging endpoint, so mistakes
# here do not count against production rate limits.
# --standalone --httpport 18080 makes acme.sh answer the HTTP-01 challenge
# itself on port 18080. Validation arrives on port 80, so this presumably
# relies on nginx forwarding /.well-known/acme-challenge/ to that port;
# that configuration is not shown in these notes.
# NOTE(review): "-d domain.com" is given twice with the same name; replace
# the second one with the additional hostname you need, or drop it.
./acme.sh --home /etc/nginx/acme \
  --issue --server letsencrypt \
  --standalone --httpport 18080 \
  -d domain.com -d domain.com \
  --test

# Step 2: real issuance. --force is needed once to replace the staging
# certificate from step 1; do not keep it in scheduled runs, since it
# bypasses the "not due yet" check and can run into CA rate limits.
./acme.sh --home /etc/nginx/acme \
  --issue --server letsencrypt \
  --standalone --httpport 18080 \
  -d domain.com -d domain.com \
  --force

Allow acme.sh (running as the nginx user) to reload nginx

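# Run as root (leave the nginx shell first).
# Grants the nginx user exactly one passwordless command. The command text
# must match what acme.sh's --reloadcmd runs, arguments included.
# Changes from a plain "echo | tee":
#   - run-as is (root) rather than (ALL): the reload only needs root, and
#     (ALL) would also allow running it as any other account;
#   - the rule is syntax-checked with visudo before it is installed, since
#     a broken file under /etc/sudoers.d can make sudo refuse to run;
#   - the file is installed root:root with mode 0440 rather than being left
#     at whatever the umask produced.
sudoers_tmp=$(mktemp)
printf '%s\n' \
  '# Allow reloading of nginx' \
  'nginx ALL=(root) NOPASSWD: /bin/systemctl force-reload nginx.service' \
  > "$sudoers_tmp"
visudo -cf "$sudoers_tmp" \
  && install -o root -g root -m 0440 "$sudoers_tmp" /etc/sudoers.d/allow-user-nginx-to-force-reload-nginx
rm -f -- "$sudoers_tmp"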

Install cert

# Back to a shell as the nginx user.
sudo -s -u nginx

cd /etc/nginx/acme

# Copy the issued key and chain to the paths nginx reads, then reload.
# acme.sh records these options and repeats them on every renewal.
# NOTE(review): assumes /etc/nginx/pem already exists, is writable by the
# nginx user and is not readable by other users (the key file is the
# private key); these notes do not create it.
# The --reloadcmd string has to stay identical to the command allowed in
# /etc/sudoers.d, otherwise sudo will ask for a password and the
# unattended reload fails.
./acme.sh --home /etc/nginx/acme \
  --install-cert -d domain.com \
  --key-file /etc/nginx/pem/domain.com-key.pem \
  --fullchain-file /etc/nginx/pem/domain.com-cert.pem \
  --reloadcmd "sudo /bin/systemctl force-reload nginx.service"