Show pagesourceBack to top Share via Share via... Twitter LinkedIn Telegram Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents LetsEncrypt Web server config Grav Troubleshooting IMAP/SMTP cert with Let's Encrypt doesn't work STARTTLS failed with exim4 VestaCP (Server Control Panel) http://vestacp.com/ Github: https://github.com/serghey-rodin/vesta/ LetsEncrypt v-add-letsencrypt-domain USER DOMAIN [ALIASES] [RESTART] [NOTIFY] Domain mit letsencrypt-SSL hinzufügen Web server config Web server templates /usr/local/vesta/data/templates/web Grav nginx/php5-fpm/grav.tpl server { listen %ip%:%web_port%; server_name %domain_idn% %alias_idn%; root %docroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; location / { try_files $uri $uri/ /index.php?_url=$uri&$query_string; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass %backend_lsnr%; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } } ## Begin - Security # deny all direct access for these folders location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; } # deny running scripts inside core system folders location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } # deny running scripts inside user folder location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } # deny access to specific files in the root folder location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; } ## End - Security location /vstats/ { alias %home%/%user%/web/%domain%/stats/; include %home%/%user%/web/%domain%/stats/auth.conf*; } include /etc/nginx/conf.d/phpmyadmin.inc*; include /etc/nginx/conf.d/phppgadmin.inc*; include /etc/nginx/conf.d/webmail.inc*; include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; } nginx/php5-fpm/grav.stpl server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; root %docroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; location / { try_files $uri $uri/ /index.php?_url=$uri&$query_string; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass %backend_lsnr%; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } } ## Begin - Security # deny all direct access for these folders location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; } # deny running scripts inside core system folders location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } # deny running scripts inside user folder location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } # deny access to specific files in the root folder location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; } ## End - Security location /vstats/ { alias %home%/%user%/web/%domain%/stats/; include %home%/%user%/web/%domain%/stats/auth.conf*; } include /etc/nginx/conf.d/phpmyadmin.inc*; include /etc/nginx/conf.d/phppgadmin.inc*; include /etc/nginx/conf.d/webmail.inc*; include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; } Troubleshooting IMAP/SMTP cert with Let's Encrypt doesn't work Use the full chain .pem instead of the standalone cert .crt file. STARTTLS failed with exim4 setfacl -m user:Debian-exim:r-- /usr/local/vesta/ssl/* Last modified: 2019-12-20 14:21