sudo systemctl stop apache2
sudo systemctl stop nginx
-# generate initial certificates - Let's Encrypt ACME servers must be able to access your server!
+# generate initial certificates
+# Let's Encrypt ACME servers must be able to access your server! port forwarding and firewall must be properly configured
sudo certbot certonly --standalone --noninteractive --agree-tos --email "admin@shaarli.mydomain.org" -d shaarli.mydomain.org
# this will generate a private key and certificate at /etc/letsencrypt/live/shaarli.mydomain.org/{privkey,fullchain}.pem
## Examples
-The following examples assume a Debian-based operating system is installed. On other distributions you may have to adapt details such as package installation procedures, configuration file locations, and webserver username/group (`www-data` or `httpd` are common values).
-
-In these examples we assume the document root for your web server/virtualhost is at `/var/www/shaarli.mydomain.org/`:
+The following examples assume a Debian-based operating system is installed. On other distributions you may have to adapt details such as package installation procedures, configuration file locations, and webserver username/group (`www-data` or `httpd` are common values). In these examples we assume the document root for your web server/virtualhost is at `/var/www/shaarli.mydomain.org/`:
```bash
+# create the document root
sudo mkdir -p /var/www/shaarli.mydomain.org/
```
ServerName shaarli.mydomain.org
DocumentRoot /var/www/shaarli.mydomain.org/
- # Log level. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
- LogLevel warn
- # Log file locations
- ErrorLog /var/log/apache2/error.log
- CustomLog /var/log/apache2/access.log combined
-
# Redirect HTTP requests to HTTPS
RewriteEngine on
RewriteRule ^.well-known/acme-challenge/ - [L]
ServerName shaarli.mydomain.org
DocumentRoot /var/www/shaarli.mydomain.org/
- # Log level. Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
- LogLevel warn
- # Log file locations
- ErrorLog /var/log/apache2/error.log
- CustomLog /var/log/apache2/access.log combined
-
# SSL/TLS configuration (for Let's Encrypt certificates)
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/shaarli.mydomain.org/fullchain.pem
See [How to install the Apache web server](https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-debian-10) for a complete guide.
+
### Nginx
This examples uses nginx and the [PHP-FPM](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mariadb-php-lemp-stack-on-debian-10#step-3-%E2%80%94-installing-php-for-processing) PHP interpreter. Nginx and PHP-FPM must be running using the same user and group, here we assume the user/group to be `www-data:www-data`.