https://github.com/hjs101/CICD_manual#젠킨스-설치도커-컨테이너-및-계정-생성
jenkins id : b208
jenkins pwd : b208
cd
sudo mkdir certbot
cd certbot
sudo mkdir conf www logs
sudo docker pull certbot/certbot
sudo docker run -it --rm --name certbot -p 80:80\\\\
-v "/home/ubuntu/certbot/conf:/etc/letsencrypt" \\\\
-v "/home/ubuntu/certbot/log:/var/log/letsencrypt" \\\\
-v "/home/ubuntu/certbot/www:/var/www/certbot" \\\\
certbot/certbot certonly
#/etc/nginx/conf.d/default.conf
upstream backend {
server j7b208.p.ssafy.io:8080;
}
server {
listen 80;
server_name j7b208.p.ssafy.io;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name j7b208.p.ssafy.io;
access_log /var/log/nginx/access.log;
ssl_certificate /etc/letsencrypt/live/j7b208.p.ssafy.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/j7b208.p.ssafy.io/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
ssl_ciphers ALL;
location / {
root /usr/share/nginx/html;
index index.html index.htm
proxy_redirect off;
charset utf-8;
try_files $uri $uri/ /index.html;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Nginx-Proxy true;
}
location /api {
rewrite ^/api/(.*|$) /$1 break;
proxy_pass <http://backend>;
proxy_redirect off;
charset utf-8;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Nginx-Proxy true;
}
}
apt-get install python3-certbot-nginx
nginx -t && nginx -s reload
sudo certbot --nginx -d j7b208.p.ssafy.io