Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
rpi_nimbus [2019/06/23 15:07] – [Backup & archive veb resources] Júne Park | rpi_nimbus [2019/08/03 04:40] – [Let's Encrypt via repository] Júne Park | ||
---|---|---|---|
Line 26: | Line 26: | ||
{{: | {{: | ||
- | * Name: {{material> | + | Name: {{material> |
---- | ---- | ||
==== Specification ==== | ==== Specification ==== | ||
- | * Model: [[https:// | + | {{material> |
- | | + | |
- | | + | {{material>sd_storage?32&color=#355834}} {{fa> |
- | | + | |
+ | === Live status of storages === | ||
+ | |||
+ | <code ini> | ||
+ | Mounted on Type Size Used Avail Use% | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | {{material>network_wifi?32&color=#6E633D}} Wired ('' | ||
+ | |||
+ | {{material>https?32&color=#C2A878}} Web service and web resources including [[wp> | ||
---- | ---- | ||
Line 55: | Line 66: | ||
==== +Work logs ==== | ==== +Work logs ==== | ||
- | * {{fa> | + | * {{fa> |
* '' | * '' | ||
* {{fa> | * {{fa> | ||
Line 68: | Line 79: | ||
< | < | ||
■ For archived history of SSL renewal | ■ For archived history of SSL renewal | ||
+ | * {{fa> | ||
* '' | * '' | ||
* '' | * '' | ||
Line 143: | Line 155: | ||
</ | </ | ||
+ | ---- | ||
+ | |||
+ | ==== Let's Encrypt via repository ==== | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt update | ||
+ | sudo apt install certbot python-certbot-nginx | ||
+ | </ | ||
+ | |||
+ | command is same as '' | ||
+ | |||
+ | === Create certificate(s) === | ||
+ | |||
+ | <code bash> | ||
+ | | ||
+ | </ | ||
+ | |||
+ | === Renew certificate(s) === | ||
+ | |||
+ | <code bash> | ||
+ | | ||
+ | </ | ||
+ | |||
+ | === Delete certificate(s) === | ||
+ | |||
+ | <code bash> | ||
+ | | ||
+ | </ | ||
+ | |||
+ | |||
+ | === Renew certificate(s) using systemd === | ||
+ | |||
+ | Check renewal executes without error, | ||
+ | |||
+ | <code bash> | ||
+ | sudo certbot renew --dry-run | ||
+ | </ | ||
+ | |||
+ | == Service unit file == | ||
+ | |||
+ | If no error, edit **service unit file** typically stored in ''/ | ||
+ | |||
+ | <code ini> | ||
+ | [Unit] | ||
+ | Description=Certbot Renewal | ||
+ | |||
+ | [Service] | ||
+ | ExecStart=/ | ||
+ | </ | ||
+ | |||
+ | Which restarts web service after renewing certificate(s). | ||
+ | |||
+ | == Timer unit file == | ||
+ | |||
+ | Modify ''/ | ||
+ | |||
+ | <code ini> | ||
+ | [Unit] | ||
+ | Description=Timer for Certbot Renewal | ||
+ | |||
+ | [Timer] | ||
+ | OnBootSec=300 | ||
+ | OnUnitActiveSec=2w | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | </ | ||
+ | |||
+ | The configuration below will activate the service biweekly, and 300 seconds after boot-up. | ||
+ | |||
+ | == Using systemctl and journalctl == | ||
+ | |||
+ | To start the timer | ||
+ | <code bash> | ||
+ | sudo systemctl start certbot-renewal.timer | ||
+ | </ | ||
+ | |||
+ | To enable the timer to be started on boot-up | ||
+ | <code bash> | ||
+ | sudo systemctl enable certbot-renewal.timer | ||
+ | </ | ||
+ | |||
+ | To show status information for the timer | ||
+ | <code bash> | ||
+ | systemctl status certbot-renewal.timer | ||
+ | </ | ||
+ | |||
+ | To show journal entries for the timer | ||
+ | journalctl -u certbot-renewal.service | ||
+ | | ||
---- | ---- | ||
==== SSL Configuration on Nginx ==== | ==== SSL Configuration on Nginx ==== | ||
Line 545: | Line 647: | ||
<code bash> | <code bash> | ||
sudo systemctl disable hciuart | sudo systemctl disable hciuart | ||
+ | </ | ||
+ | |||
+ | ---- | ||
+ | ==== Solved Problems ==== | ||
+ | |||
+ | === symbol lookup error === | ||
+ | |||
+ | <text type=" | ||
+ | |||
+ | <text type=" | ||
+ | <code text> | ||
+ | apt-get: symbol lookup error: / | ||
+ | </ | ||
+ | |||
+ | <text type=" | ||
+ | <code bash> | ||
+ | # Download the current version of libapt-pkg4.12 | ||
+ | wget http:// | ||
+ | |||
+ | # Install it | ||
+ | sudo dpkg -i libapt-pkg4.12_0.9.7.9+rpi1+deb7u7_armhf.deb | ||
</ | </ | ||