Fix LE cert renewal failures

LE contacts the server by hostname and not by IP. This means that when installing and reconfiguring the app it hits the default_server route since nginx configs for the app are not generated at. When doing in the daily cert renew, the nginx configs exist and we are unable to renew the certs.
2017-11-02 11:29:51 -07:00
parent 06f8aa8f29
commit 014b77b7aa
3 changed files with 8 additions and 2 deletions
--- a/setup/start/nginx/appconfig.ejs
+++ b/setup/start/nginx/appconfig.ejs
@@ -26,6 +26,12 @@ server {
    }
 <% } -%>

+    # acme challenges (for cert renewal where the vhost config exists)
+    location /.well-known/acme-challenge/ {
+        default_type text/plain;
+        alias /home/yellowtent/platformdata/acme/;
+    }
+
    location / {
        # redirect everything to HTTPS
        return 301 https://$host$request_uri;