I’ve made the switch from Apache over to Nginx. Its faster, lightweight and just a lot easier to configure, especially when it comes to my new fascination with Docker.

docker

Anyway, I digress.

My Debian server has a squeaky clean Nginx install on it, alongside it I have got Percona as a replacement for MySQL with my Wordpress database sat on it. I set out to get wordpress working with Nginx and then get an SSL certificate installed on it too. So, after downloading it, and popping it into a safe place, I started editing the config:

server { listen 80 default_server; listen [::]:80 default_server; root /srv/andydixon.com; index index.php; server_name www.andydixon.com; location / { try_files $uri $uri/ /index.php?$uri; #try_files $uri $uri/ =404; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php5-fpm.sock; } }

That got me working, but I wanted more! I want SSL!

I used certbot which gives out free legit SSL certificates, so I followed the instructions to install it on the box and proceeded to generate a certificate:

$ certbot certonly --webroot -w /srv/andydixon.com -d www.andydixon.com

Followed the instructions on-screen and the next thing you know I have a certificate ready and waiting on my machine.

Now the important part. Adding the configuration to Nginx.

This was amazingly simple (after I figured out I had added .com twice in the path). After the listen [::]:80 line, I added the following:

listen 443 ssl; ssl_certificate /etc/letsencrypt/live/www.andydixon.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.andydixon.com/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

Of course, if you are copy and pasting this, replace www.andydixon.com with the domain name you registered with Certbot.

Thats it! Once you restart Nginx, your site will be available in