Setup your web server with Nginx and SSL using Certbot

This article will illustrate how to setup a web server with https using

Nginx and CertBot.

Demo requirements:

• Ubuntu 18.04 server.

Note: — This article will cover only how to setup the web server with nginx, pm2 and CertBot.

Let’s start:

1 — Connect to your server via SSH

ssh username@ip

2 — Update dependencies

sudo apt-get update

3 — If your project is not in the sever yet then clone it.

4 — Install needed packages

sudo apt-get install git nginx certbot python-certbot-nginx nodejs npm snapd

5 — Install the process manager`

npm install -g pm2

6 — Get sure that your DNS record exists and your domain name is accessible.

ping example.com

7 — Start Nginx and check status

systemctl start nginx
systemctl status nginx

Get sure that the console shows your Nginx is active.

8 — Create an Nginx config file for your server, let’s assume the server’s domain name is letscode.com

sudo nano /etc/nginx/conf.d/letscode.conf

9 — Copy/past the Nginx config, our webup will be served on port 5000 (Build of React app for examole)

server {
server_name letscode.com www.letscode.com;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#upgrade to WebSocket protocol when requested
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
}
}

10 — Go to the Nginx global configuration and get sure that only conf.d files are considered,

sudo nano /etc/nginx/nginx.conf

Comment this line

#include /etc/nginx/sites-enabled/*;

11 — Now restart Nginx and check the status, it should indicate active, if not check the errors.

systemctl start nginx
systemctl status nginx

12 — Navigate to your web app and start the web server using pm2

pm2 serve build 5000 --spa

13 — Awesome, our app now is served on www.letscode.com,

let’s add a letsEncrypt certificate using certbot

14 — We will use certbot to generate SSL certificates

sudo certbot --nginx -d letscode.com

Follow the instruction, get sure to select option “2” to redirect to “https”,

then done, if you check your nginx conf file /etc/nginx/conf.d/letscode.conf

you will see that certBot added the https config for you.

Remember to add a crontab to update the SSL certificates before its expiration using the same command.