Subj : Re: Lets Encrypt and NPM
To   : poindexter FORTRAN
From : fusion
Date : Thu May 16 2024 19:48:00

On 16 May 2024, poindexter FORTRAN said the following...
 
 pF> Instead of running SSL natively on Synchronet, would anything break by
 pF> just running http internally and using NPM to manage certificates and
 pF> then pass on HTTPS traffic to HTTP internally?

i have mine set up like this.. perhaps it will be useful:

server {
    listen 443 ssl;

    ssl_certificate /etc/ssl/certificate_for_allofthem.crt
    ssl_certificate_key <yadda>

    # boilerplate stuff
    root /var/www/example;
    index index.html index.htm;

    server_name example.cfbbs.net;

    # magic
    location /.well-known/ {
        alias /var/www/steal/verification/example/.well-known/;
    }

    # pass everything else
    location / {
        proxy_pass http://local_machine:3000; # or whatever
        <other stuff for proxy_pass>
    }
}

then i do all the certificate updates from the one machine that runs the nginx proxy with a crontab entry

--- Mystic BBS v1.12 A47 2021/12/25 (Windows/32)
 # Origin: cold fusion - cfbbs.net - grand rapids, mi
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.