Edit this page | Blame

Letsencrypt

Tags

  • assigned: pjotr
  • type: bug
  • priority: critical
  • status: open

Tasks

  • [ ] gn2-zach
  • [ ] gn2-test
  • [ ] production
  • [X] letsencrypt is failing on P2 and Tux01 (expiry Nov12)

- letsencrypt was down

  • [X] ucscbrowser needs a certificate (now forwards http -> https)

Notes

Reopen

I reopened the task to migrate production to https fully. Started with gn2-zach's testing instance and redirected http -> https with letsencrypt. Errors show in browser console that the menu loader is hard coded, for example.

Blocked loading mixed active content ���http://gn2-zach.genenetwork.org/api4//menu/generate/json���

That needs to be updated in settings.

See also

gn2-test

I also added a path to tux02 with gn2-test.genenetwork.org at port 5010 for testing.

Setup

certbot --nginx -d host.genenetwork.org
certbot renew --dry-run

CRON, for example

22 4 * * 3 sheepdog_run.rb -c '/usr/bin/certbot renew --quiet' --always --tag CERTBOT >> ~/cron.log 2>&1

Add certificate

certbot certonly --nginx --agree-tos --preferred-challenges http -d ucscbrowser.genenetwork.org --register-unsafely-without-email
(made with skribilo)