차이

문서의 선택한 두 판 사이의 차이를 보여줍니다.

--- homeserverwithdebian:certbotandapache2 [2024/04/02 15:49] – [2. Apache2 설정] baecy
+++ homeserverwithdebian:certbotandapache2 [2024/08/05 09:32] (현재) – [3. Certbot 설정] baecy
@@ 줄 1: / 줄 1: @@
 ===== Apache Webserver HTTPS + DDNS =====
 ==== 1. Apache2, Certbot 설치 ====
-<codedoc code:bash>
+<codeprism cmd=ture host=debian lang=bash>
-sudo apt install apache2 certbot python3-certbot-apache
+sudo apt install apache2 certbot python3-certbot-apache</codeprism>
-</codedoc>
 \\
 ==== 2. Apache2 설정 ====
-<codedoc code:bash>
+<codeprism cmd=true lang=bash host=debian>
 sudo a2enmod ssl
-sudo cp /etc/apache2/sites-available/{default-ssl,gamu.kr}.conf
+sudo cp /etc/apache2/sites-available/{default-ssl,gamu.kr}.conf</codeprism>
-</codedoc>
-<codedoc code:apache>
-gamu.kr.conf
+<codeprism title=gamu.kr.conf lang=apacheconf show-invis=false>
 <VirtualHost *:443>
-        ServerName  gamu.kr     ## 추가
+	ServerName  gamu.kr     ## 추가
-        ServerAlias www.gamu.kr ## ServerAlias는 더 추가 가능
+    ServerAlias www.gamu.kr ## ServerAlias는 더 추가 가능
-        ServerAdmin webmaster@localhost
+	ServerAdmin webmaster@localhost
-        DocumentRoot /var/www/html
+	DocumentRoot /var/www/html
-        ####### 중략 #######
+	ErrorLog ${APACHE_LOG_DIR}/error.log
-        Include                /etc/letsencrypt/options-ssl-apache.conf     ## Certbot
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
-        SSLCertificateFile     /etc/letsencrypt/live/gamu.kr/fullchain.pem  ## 추가한
-        SSLCertificateKeyFile  /etc/letsencrypt/live/gamu.kr/privkey.pem    ## 부분
+	SSLEngine on
-</VirtualHost>
-</codedoc>
+	SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
-<codedoc code:bash>
+	SSLCertificateKeyFile   /etc/ssl/private/ssl-cert-snakeoil.key
+	<FilesMatch "\.(?:cgi|shtml|phtml|php)$">
+		SSLOptions +StdEnvVars
+	</FilesMatch>
+	<Directory /usr/lib/cgi-bin>
+		SSLOptions +StdEnvVars
+	</Directory>
+</VirtualHost></codeprism>
+<codeprism lang=bash host=debian>
 sudo a2ensite gamu.kr.conf
-sudo systemctl restart apache2
+sudo systemctl restart apache2</codeprism>
-</codedoc>
 \\
 ==== 3. Certbot 설정 ====
-<codedoc code:bash>
+<codeprism lang=bash cmd=true>
-sudo certbot --apache   ## 실행후 질문에 선택사항 입력
+sudo certbot --apache   ## 실행후 질문에 선택사항 입력. !!Double Dash!!
 sudo systemctl restart apache2
-sudo systemctl status certbot.timer  ## 갱신 작동 확인
+sudo systemctl status certbot.timer  ## 갱신 작동 확인</codeprism>
-</codedoc>
-\\
+다음과 같은 메세지 출력시에는
+<code bash cmdout>
+Unable to find corresponding HTTP vhost;
+Unable to create one as intended addresses conflict;
+Current configuration does not support automated redirection
+</code>
+이 방법으로 적용
+<code bash>
+certbot certonly --standalone -d gamu.kr,www.gamu.kr
+</code>
 ==== 4. DDNS 자동 갱신 ====
-/usr/lib/systemd/system/gamu.service
+**/usr/lib/systemd/system/gamu.service** 작성
-<codedoc code:systemd>
+<codeprism lang=systemd>
 [Unit]
 Description=gamu.kr & www.gamu.kr DDNS(DnsZi) Renewal Service
@@ 줄 48: / 줄 61: @@
 [Service]
 Type=oneshot
-ExecStart=/usr/local/bin/wget -q -O - 'http://ddns.dnszi.com/set.html?user=<ddnzi-id>&auth=<dnszi-auth-key>&domain=gamu.kr&record='
+## DNSZi 사이트에서 코드 발행후 입력
-</codedoc>
+ExecStart=$(type -p wget) -q -O - 'http://ddns.dnszi.com/set.html?user=<ddnzi-id>&auth=<dnszi-auth-key>&domain=gamu.kr&record='</codeprism>
-/usr/lib/systemd/system/gamu.timer
+**/usr/lib/systemd/system/gamu.timer** 작성
-<codedoc code:systemd>
+<codeprism lang=systemd>
 [Unit]
 Description=Run DDNS(https://dnszi.com) Service Renewal twice daily
@@ 줄 63: / 줄 76: @@
 [Install]
 WantedBy=timers.target
-</codedoc>
+</codeprism>
 systemd 등록, 실행
-<codedoc code:bash>
+<codeprism cmd=true lang=bash>
 sudo systemctl enable gamu.timer  # 부팅시 타이머 실행 설정
 sudo systemctl start gamu.timer   # 타이머 실행
-sudo systemctl status gamu.kr     # 등록한 타이머 상태 확인
+sudo systemctl status gamu     # 등록한 타이머 상태 확인</codeprism>
-</codedoc>
+\\