Allow acme routes on port 80, so certbot update will not fail

2024-11-16 09:01:38 +00:00 · 2018-06-18 16:06:33 +02:00 · 2018-06-18 16:06:33 +02:00 · d401eb9163
parent 78326e41f6
commit d401eb9163
1 changed files with 11 additions and 1 deletions
--- a/image/seafile/templates/seafile.nginx.conf.template
+++ b/image/seafile/templates/seafile.nginx.conf.template
@ -4,7 +4,17 @@
 server {
    listen 80;
    server_name _ default_server;
-    rewrite ^ https://{{ domain }}$request_uri? permanent;
+
+    # allow certbot to connect to challenge location via HTTP Port 80
+    # otherwise renewal request will fail
+    location /.well-known/acme-challenge/ {
+        alias /var/www/challenges/;
+        try_files $uri =404;
+    }
+
+    location / {
+        rewrite ^ https://{{ domain }}$request_uri? permanent;
+    }
 }
 {% endif -%}