Ceci est une ancienne révision du document !

Tentative d'installation d'un reverse nginx avec let's encrypt sur un rpi2 :

https://homeserver-diy.net/wiki/index.php?title=Installation_et_configuration_d%E2%80%99un_reverse_proxy_avec_NginX

https://homeserver-diy.net/wiki/index.php?title=Utilisation_d%27Nginx_comme_reverse_proxy_avec_un_certificat_auto-sign%C3%A9,_Let%27s_Encrypt_et_un_chiffrement_fort

https://www.techcoil.com/blog/installing-certbot-on-raspbian-jessie-lite-for-deploying-lets-encrypt-certificates/

sudo apt install -y nginx
 
# sudo chown www-data:www-data /var/www <-- à revoir
 
sudo nano /etc/nginx/conf.d/proxy.conf
 
cd /opt
 
sudo apt install -y git-core
 
sudo git clone https://github.com/letsencrypt/letsencrypt
 
cd letsencrypt/
 
sudo service nginx stop 
 
sudo ./letsencrypt-auto certonly -d votrenomde.domaine --rsa-key-size 4096
 
How would you like to authenticate with the ACME CA?
-------------------------------------------------------------------------------
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
 
Choix 1
 
sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-enabled/ori.default
 
sudo nano /etc/nginx/sites-enabled/default
 
sudo openssl dhparam -out /etc/ssl/private/dhparams.pem 4096
 
sudo nginx -t
 
sudo nano /etc/nginx/nginx.conf 
 
sudo systemctl start nginx
 
sudo sed -i "$ a\deb http://ftp.debian.org/debian jessie-backports main" /etc/apt/sources.list
 
sudo apt-get update && sudo apt-get install certbot -t jessie-backports -y --force-yes

Tentative d'installation d'un reverse nginx avec let's encrypt sur un rpi0 :

https://www.techcoil.com/blog/how-to-setup-a-reverse-proxy-server-with-nginx-raspian-jessie-lite-and-raspberry-pi-3/

https://www.techcoil.com/blog/installing-certbot-on-raspbian-jessie-lite-for-deploying-lets-encrypt-certificates/

https://www.techcoil.com/blog/how-to-enable-secured-remote-management-of-d-link-dir-series-router-with-certbot-nginx-raspbian-jessie-lite-and-raspberry-pi-3/

sudo apt-get update && sudo apt-get install nginx -y --fix-missing

sudo sed -i "$ a\deb http://ftp.debian.org/debian jessie-backports main" /etc/apt/sources.list

sudo apt-get update && sudo apt-get install certbot -t jessie-backports -y --force-yes

sudo certbot certonly

sudo nano /etc/nginx/sites-enabled/ipgm.ilad.fr.conf

server {
    listen 80;
    server_name  ipgm.ilad.fr;

    root /var/www/ipgm.ilad.fr;

    location ~ /.well-known {
        allow all;
    }
}

sudo mkdir /var/www/ipgm.ilad.fr

sudo systemctl restart nginx.service

sudo certbot certonly --webroot -w /var/www/ipgm.ilad.fr/ -d ipgm.ilad.fr

https://letsencrypt.status.io/

Reverse nginx avec let's encrypt sur un rpi0 debian 9 :

sudo apt install -y nginx

sudo nano /etc/nginx/conf.d/proxy.conf

sudo service nginx stop 

sudo apt update && sudo apt install -y certbot python-certbot-nginx 

sudo certbot --nginx

sudo nano /etc/nginx/sites-enabled/default && sudo service nginx reload

Supprimer une certificat let's encrypt :

certbot revoke --cert-path /etc/letsencrypt/live/CERTNAME/cert.pem --reason cessationofoperation

certbot delete --cert-name example.com

.