From a19d98ce7e590e6c7f82aa08f7e9791a72e2e8bc Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Sun, 7 Jun 2020 14:14:41 +0200 Subject: Split english and norwegian posts. This turned out a bit different than I initially though. The english and norwegian sections will essentially be separate. Afaict there's no direct way to make a "combined view" listing both english and norwegian posts. However, I think that's fine. Let's roll with this for now. --- .../index.en.md | 71 ++++++++++++++++++++++ .../index.md | 71 ---------------------- 2 files changed, 71 insertions(+), 71 deletions(-) create mode 100644 content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.en.md delete mode 100644 content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.md (limited to 'content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd') diff --git a/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.en.md b/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.en.md new file mode 100644 index 0000000..1784881 --- /dev/null +++ b/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.en.md @@ -0,0 +1,71 @@ ++++ +title = "Setting up Let's Encrypt with Ruby on Rails and FreeBSD" +lang = "en" + +[taxonomies] +tags = ["FreeBSD", "letsencrypt", "tips & tricks"] + +[extra] +author = "harald" ++++ + +{% figure(img="letsencrypt-logo-horizontal.svg") %} +Let's Encrypt logo. +{% end %} + +I've been following [Let's Encrypt] for a while, and the idea is as simple as +it's brilliant! Make it so easy to add a encryption to your webserver setup +that there's really no reson not to. Traditionally this has been both a +cumbersome and potentially expensive investment. At least for smaller stuff +like your average blog or community web site getting a certificate and setting +it all up has been a hassle. + + + +So I really like the idea of Let's Encrypt, and since they've just launched +their [public beta program] in time for the renewal of one of my certificates +I decided to give it a spin. The process was surprisingly painless. + +The base Let's Encrypt program is already in the [FreeBSD ports collection], +so installing it was as simple as running: + + portmaster -P /usr/ports/security/py-letsencrypt + +There was quite a bit of dependencies to be installed, but the ports system +takes care of that, and portmaster helps make the process really smooth. A few +config options and 10 minutes later everything was built and installed. + +Next step was to generate the certificates. After a few misses I found the +right invocation: + + sudo letsencrypt certonly --webroot \ + -w /usr/local/www/my_rails_app_dir/current/public/ \ + -d mydomain.com -d www.mydomain.com + +Half a minute later I have my certificates in +`/usr/local/etc/letsencrypt/live/mydomain.com`. I just had to update the apache +config and everything worked right away. + +The Let's Encrypt website warns that you may have to shut down your webserver +while it does it's job. That was not neccesary in this case. It seems this is +only neccesary if you run with the `--standalone` option. The `--webroot` +and `-w` options on the other hand allows you to specify manually where +`letsencrypt` should put it's challenge files. + +The Let's Encrypt server then accesses these files using the regular webserver +you're already running. Since this particular domain runs a [Ruby on Rails] +app deployed using [Capistrano] I ended up with the path above. + +I had quite frankly expected that there should be more bumps. For one, this +*is* still a beta, and they do warn that there will be bugs on their website. +Further not all software developed for Linux runs equally smooth on FreeBSD, +but this time there was no need for worrying. + +The plugins for apache and nginx are not yet available in the ports tree +however, so I'm running things manually for now. + +[Let's Encrypt]: https://letsencrypt.org/ +[public beta program]: https://letsencrypt.org/2015/12/03/entering-public-beta.html +[FreeBSD ports collection]: https://www.freebsd.org/cgi/ports.cgi?query=letsencrypt&stype=all +[Ruby on Rails]: http://rubyonrails.org/ +[Capistrano]: http://capistranorb.com/ diff --git a/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.md b/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.md deleted file mode 100644 index 1784881..0000000 --- a/content/blog/2015-12-21-setting-up-lets-encrypt-with-ruby-on-rails-and-freebsd/index.md +++ /dev/null @@ -1,71 +0,0 @@ -+++ -title = "Setting up Let's Encrypt with Ruby on Rails and FreeBSD" -lang = "en" - -[taxonomies] -tags = ["FreeBSD", "letsencrypt", "tips & tricks"] - -[extra] -author = "harald" -+++ - -{% figure(img="letsencrypt-logo-horizontal.svg") %} -Let's Encrypt logo. -{% end %} - -I've been following [Let's Encrypt] for a while, and the idea is as simple as -it's brilliant! Make it so easy to add a encryption to your webserver setup -that there's really no reson not to. Traditionally this has been both a -cumbersome and potentially expensive investment. At least for smaller stuff -like your average blog or community web site getting a certificate and setting -it all up has been a hassle. - - - -So I really like the idea of Let's Encrypt, and since they've just launched -their [public beta program] in time for the renewal of one of my certificates -I decided to give it a spin. The process was surprisingly painless. - -The base Let's Encrypt program is already in the [FreeBSD ports collection], -so installing it was as simple as running: - - portmaster -P /usr/ports/security/py-letsencrypt - -There was quite a bit of dependencies to be installed, but the ports system -takes care of that, and portmaster helps make the process really smooth. A few -config options and 10 minutes later everything was built and installed. - -Next step was to generate the certificates. After a few misses I found the -right invocation: - - sudo letsencrypt certonly --webroot \ - -w /usr/local/www/my_rails_app_dir/current/public/ \ - -d mydomain.com -d www.mydomain.com - -Half a minute later I have my certificates in -`/usr/local/etc/letsencrypt/live/mydomain.com`. I just had to update the apache -config and everything worked right away. - -The Let's Encrypt website warns that you may have to shut down your webserver -while it does it's job. That was not neccesary in this case. It seems this is -only neccesary if you run with the `--standalone` option. The `--webroot` -and `-w` options on the other hand allows you to specify manually where -`letsencrypt` should put it's challenge files. - -The Let's Encrypt server then accesses these files using the regular webserver -you're already running. Since this particular domain runs a [Ruby on Rails] -app deployed using [Capistrano] I ended up with the path above. - -I had quite frankly expected that there should be more bumps. For one, this -*is* still a beta, and they do warn that there will be bugs on their website. -Further not all software developed for Linux runs equally smooth on FreeBSD, -but this time there was no need for worrying. - -The plugins for apache and nginx are not yet available in the ports tree -however, so I'm running things manually for now. - -[Let's Encrypt]: https://letsencrypt.org/ -[public beta program]: https://letsencrypt.org/2015/12/03/entering-public-beta.html -[FreeBSD ports collection]: https://www.freebsd.org/cgi/ports.cgi?query=letsencrypt&stype=all -[Ruby on Rails]: http://rubyonrails.org/ -[Capistrano]: http://capistranorb.com/ -- cgit v1.2.3