centos7 安装 certbot 动态更新Let's encrypt 证书实现nginx免费ssl证书
先更新内核,然后安装nginx。启用bbr。
yum install yum-plugin-copr
yum copr enable @caddy/caddy
yum install caddy
sudo yum install snapd
sudo systemctl enable --now snapd.socket
sudo yum install epel-release
sudo yum install snapd
sudo systemctl enable --now snapd.socket
sudo snap install core; sudo snap refresh core
reboot
sudo snap install core; sudo snap refresh core
sudo snap install core
snap install core
systemctl enable snapd
systemctl start --now snapd.socket
snap install core
snap refresh core
snap install --classic certbot
ln -s /var/lib/snapd/snap /snap
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
certbot --nginx
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
yum install yum-plugin-copr
yum copr enable @caddy/caddy
yum install caddy
sudo yum install snapd
sudo systemctl enable --now snapd.socket
sudo yum install epel-release
sudo yum install snapd
sudo systemctl enable --now snapd.socket
sudo snap install core; sudo snap refresh core
reboot
sudo snap install core; sudo snap refresh core
sudo snap install core
snap install core
systemctl enable snapd
systemctl start --now snapd.socket
snap install core
snap refresh core
snap install --classic certbot
ln -s /var/lib/snapd/snap /snap
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
certbot --nginx
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
安装完毕后,配置nginx即可:
vim /etc/nginx/conf.d/default.conf
在server一节配置如下:
location / {
try_files $uri $uri/ =404;
#root /usr/share/nginx/html;
#index index.html index.htm;
}
location /your_v2_url_path {
proxy_redirect off;
proxy_pass http://127.0.0.1:your_v2_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Show realip in v2 access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
就可以实现你想要的功能了,enjoy~~~