From 8349b801a5f7e5f11b0a758d7ab28d8b79eb08ea Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 8 Jul 2017 20:59:11 +0200 Subject: mv config/{apache2.conf,nginx.conf} snippets/ --- snippets/nginx.conf | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 snippets/nginx.conf (limited to 'snippets/nginx.conf') diff --git a/snippets/nginx.conf b/snippets/nginx.conf new file mode 100644 index 0000000..6753ff9 --- /dev/null +++ b/snippets/nginx.conf @@ -0,0 +1,18 @@ +# Use Nginx to serve ACME requests; either directly, or by passing them +# over to a locally-bound lacme webserver component. +# +# This file needs to be sourced to the server directives (at least the +# non-ssl one) of each virtual host requiring authorization. + +location ^~ /.well-known/acme-challenge/ { + # Pass ACME requests to lacme's webserver component + proxy_pass http://unix:/var/run/lacme.socket; + + ## Alternatively, you can let nginx serve the requests by + ## setting 'challenge-directory' to '/var/www/acme-challenge' in + ## lacme's configuration file + # alias /var/www/acme-challenge/; + # default_type application/jose+json; + # disable_symlinks on from=$document_root; + # autoindex off; +} -- cgit v1.2.3 From 8cdd29841d0dbb89e866aad36173bb26182d0c97 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 8 Jul 2017 21:02:36 +0200 Subject: Bind webserver to /var/run/lacme-www.socket by default. --- snippets/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'snippets/nginx.conf') diff --git a/snippets/nginx.conf b/snippets/nginx.conf index 6753ff9..981bdc3 100644 --- a/snippets/nginx.conf +++ b/snippets/nginx.conf @@ -6,7 +6,7 @@ location ^~ /.well-known/acme-challenge/ { # Pass ACME requests to lacme's webserver component - proxy_pass http://unix:/var/run/lacme.socket; + proxy_pass http://unix:/var/run/lacme-www.socket; ## Alternatively, you can let nginx serve the requests by ## setting 'challenge-directory' to '/var/www/acme-challenge' in -- cgit v1.2.3