Oops, fix serving over IPv6 (and therefore HTTPS cert renewal!)
Oh wow, TIL you need a special invocation in nginx to listen on IPv6 as well as IPv4. This was both presumably breaking clients trying to connect over IPv6 (I guess we never ran into that in a browser?), but also breaking certbot's certificate renewal attempts, because Let's Encrypt prefers IPv6 when possible. Okay!
This commit is contained in:
parent
72aba0d579
commit
8633124883
1 changed files with 2 additions and 2 deletions
|
|
@ -29,7 +29,7 @@
|
||||||
content: |
|
content: |
|
||||||
server {
|
server {
|
||||||
server_name analytics.openneo.net;
|
server_name analytics.openneo.net;
|
||||||
listen 80;
|
listen [::]:80;
|
||||||
if ($host = analytics.openneo.net) {
|
if ($host = analytics.openneo.net) {
|
||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
}
|
}
|
||||||
|
|
@ -37,7 +37,7 @@
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name analytics.openneo.net;
|
server_name analytics.openneo.net;
|
||||||
listen 443 ssl;
|
listen [::]:443 ssl;
|
||||||
ssl_certificate /etc/letsencrypt/live/analytics.openneo.net/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/analytics.openneo.net/fullchain.pem;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/analytics.openneo.net/privkey.pem;
|
ssl_certificate_key /etc/letsencrypt/live/analytics.openneo.net/privkey.pem;
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue