fix(nginx): enable SSL block with correct Lets Encrypt paths

2025-12-30 21:07:41 +01:00
parent aeea84862b
commit c06a77697c
1 changed files with 21 additions and 21 deletions
--- a/native_crumbcore_v1/nginx/crumbforest.nginx.conf
+++ b/native_crumbcore_v1/nginx/crumbforest.nginx.conf
@@ -25,24 +25,24 @@ server {
 }

 # HTTPS Configuration (uncomment when SSL is ready)
-# server {
-#     listen 443 ssl http2;
-#     listen [::]:443 ssl http2;
-#     server_name crumbforest.194-164-194-191.sslip.io;
-# 
-#     # SSL Certificate paths (adjust based on your setup)
-#     ssl_certificate /etc/ssl/certs/crumbforest.crt;
-#     ssl_certificate_key /etc/ssl/private/crumbforest.key;
-# 
-#     # SSL Security Settings
-#     ssl_protocols TLSv1.2 TLSv1.3;
-#     ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
-#     ssl_prefer_server_ciphers off;
-#     ssl_session_cache shared:SSL:10m;
-#     ssl_session_timeout 10m;
-# 
-#     # HSTS (optional but recommended)
-#     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-# 
-#     include /etc/nginx/sites-available/crumbforest-locations.conf;
-# }
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name crumbforest.194-164-194-191.sslip.io;
+
+    # SSL Certificate paths (Let's Encrypt)
+    ssl_certificate /etc/letsencrypt/live/crumbforest.194-164-194-191.sslip.io/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/crumbforest.194-164-194-191.sslip.io/privkey.pem;
+
+    # SSL Security Settings
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # HSTS (optional but recommended)
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    include /etc/nginx/sites-available/crumbforest-locations.conf;
+}