This is a guide to show you how to run Shellngn with Nginx and generate HTTPS certificates with Let's Encrypt in 4 easy steps.
Step 1: Create a
docker-compose.yaml
file with the following content
Make sure to replace example.com with your domain and set your email address
services:
shellngn:
container_name: shellngn
image: shellngn/pro
volumes:
- './shellngn-data/:/home/node/server/data'
nginx-verify:
container_name: nginx-verify
restart: unless-stopped
image: nginx
ports:
- '80:80'
volumes:
- './nginx-verify.conf:/etc/nginx/nginx.conf'
- './certbot/www:/var/www/certbot'
nginx:
container_name: nginx
restart: unless-stopped
image: nginx
ports:
- '443:443'
volumes:
- './nginx.conf:/etc/nginx/nginx.conf'
- './certbot/conf:/etc/letsencrypt'
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- './certbot/conf:/etc/letsencrypt'
- './certbot/www:/var/www/certbot'
command: >-
certonly --webroot -w /var/www/certbot --force-renewal --email admin@example.com -d example.com --agree-tos
Step 2: Create a nginx.conf file with the following content
Replace example.com with your domain
events
{
# worker_connections 1024;
}
http
{
server_tokens off;
charset utf-8;
server
{
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com;
root /var/www/html;
index index.php index.html index.htm;
location /
{
proxy_pass http://shellngn:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
}
Step 3: Create a nginx-verify.conf file
This nginx configuration will allow the certbot to verify ownership of your domain.
nginx-verify.conf (click to download)
events
{
# worker_connections 1024;
}
http
{
server_tokens off;
charset utf-8;
# always redirect to https except for acme challenge
server
{
listen 80 default_server;
server_name _;
location ~ /.well-known/acme-challenge/
{
root /var/www/certbot;
}
location /
{
return 301 https://$host$request_uri;
}
}
}
Step 4: Run docker-compose
At this stage you should have 3 files in the same folder.
All you have to do now is run the following command
docker-compose up
Optional step: Setup a cron job
A certificate has a lifetime of 90 days, and it is recommended to update them after a timespan of 60 days. Therefore, you need to rerun the certbot container every 60 days to renew the certificates. You can do this by using crontab.
A crontab can be created on linux systems by running:
And adding a line with the following structure:
0 5 1 */2 * /usr/local/bin/docker-compose up -f /var/docker/docker-compose.yml certbot
The command means: Run docker-compose up -d at 5 am on the first day every 2nd month.
Related Articles
Shellngn with Nginx Proxy Manager for HTTPS
This is a guide to show you how to run Shellngn with Nginx Proxy Manager and generate HTTPS certificates with Let's Encrypt certificates. What is the Nginx Proxy Manager? The Nginx proxy manager (NPM) is a reverse proxy management system running on ...
Shellngn On Docker
Docker (www.docker.com) is an open platform making it easier to create, deploy, and run applications by using containers. This article describes the steps required to run Shellngn on Docker. With Docker, you can easily deploy Shellngn with just a ...
Copying Text When Using Terminal Applications (Midnight Commander, etc.)
Copying Text When Using Terminal Applications (Midnight Commander, etc.) When using interactive terminal applications such as Midnight Commander (mc), the mouse is typically captured by the application. This means that normal mouse selection and ...
Setup SSO with Okta
Login to your Shellngn Pro as administrator. Click on the menu icon and select Single Sign On (SSO) Make sure the Shellngn URL has your container address. In our example, it’s http://shellngn.corp.com:4000 Click on the sp-certificate.cer hyperlink to ...
Two Factor Authentication
Two-factor authentication (2FA) is an additional layer of security for your Shellngn account. With 2FA enabled, you will be prompted to enter a 6-digit code when you log in to your account. This 6-digit code will be generated by an app installed on ...