%20by%20%E2%80%9EDiceBear%E2%80%9D%2C%20licensed%20under%20%E2%80%9ECC0%201.0%E2%80%9D%20(https%3A%2F%2Fcreativecommons.org%2Fpublicdomain%2Fzero%2F1.0%2F)%3C%2Fdc%3Arights%3E%3C%2Frdf%3ADescription%3E%3C%2Frdf%3ARDF%3E%3C%2Fmetadata%3E%3Cmask%20id%3D%22viewboxMask%22%3E%3Crect%20width%3D%22100%22%20height%3D%22100%22%20rx%3D%220%22%20ry%3D%220%22%20x%3D%220%22%20y%3D%220%22%20fill%3D%22%23fff%22%20%2F%3E%3C%2Fmask%3E%3Cg%20mask%3D%22url(%23viewboxMask)%22%3E%3Crect%20fill%3D%22url(%23backgroundLinear)%22%20width%3D%22100%22%20height%3D%22100%22%20x%3D%220%22%20y%3D%220%22%20%2F%3E%3Cdefs%3E%3ClinearGradient%20id%3D%22backgroundLinear%22%20gradientTransform%3D%22rotate(162%200.5%200.5)%22%3E%3Cstop%20stop-color%3D%22%23ffffff%22%2F%3E%3Cstop%20offset%3D%221%22%20stop-color%3D%22%23ffffff%22%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Cg%20transform%3D%22matrix(1.2%200%200%201.2%20-10%20-10)%22%3E%3Cg%20transform%3D%22translate(-16%2C%20-9)%20rotate(125%2050%2050)%22%3E%3Cpath%20d%3D%22M100%2050A50%2050%200%201%201%200%2050a50%2050%200%200%201%20100%200Z%22%20fill%3D%22%23e34aab%22%2F%3E%3C%2Fg%3E%3C%2Fg%3E%3Cg%20transform%3D%22matrix(.8%200%200%20.8%2010%2010)%22%3E%3Cg%20transform%3D%22translate(21%2C%200)%20rotate(30%2050%2050)%22%3E%3Cpath%20d%3D%22m50%207%2050%2086.6H0L50%207Z%22%20fill%3D%22%23ff8000%22%2F%3E%3C%2Fg%3E%3C%2Fg%3E%3Cg%20transform%3D%22matrix(.4%200%200%20.4%2030%2030)%22%3E%3Cg%20transform%3D%22translate(-3%2C%20-24)%20rotate(-89%2050%2050)%22%3E%3Cpath%20fill-rule%3D%22evenodd%22%20clip-rule%3D%22evenodd%22%20d%3D%22M50%207%200%2093.6h100L50%207Zm0%2020L17.3%2083.6h65.4L50%2027Z%22%20fill%3D%22%2300d2a8%22%2F%3E%3C%2Fg%3E%3C%2Fg%3E%3C%2Fg%3E%3C%2Fsvg%3E)
1. Install NGINX
apt-get install nginxDone! Just kidding.
2. Get Certbot if you want to use LetsEncrypt
sudo snap install --classic certbot3. Set up NGINX
sudo curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/ssl/ffdhe4096.pem
sudo ufw allow 'Nginx Full'Then update settings:
> sudo nano /etc/nginx/nginx.conf
worker_connections 1024;
server_tokens off;
4. Create certificates (optional)
Create certificates BEFORE setting up NGINX config for the project with the following (remove --dry-run):
sudo certbot certonly --domains example.com --nginx --dry-run
sudo certbot renew --dry-runDon’t forget that www also needs a separate certificate.
5. Start service
systemctl enable nginx