Let's Encrypt SSL Setup for SessionZero

Overview

This repository has been configured to automatically obtain and renew SSL certificates from Let's Encrypt for secure HTTPS connections. The setup uses Certbot with the Nginx plugin to handle certificate issuance and renewal.

Setup Instructions

  1. Initial Setup

    Before deploying for the first time, edit the init-letsencrypt.sh script and add your email address for Let's Encrypt notifications:

    # In init-letsencrypt.sh
    email="your-email@example.com" # Add your email here
    

    Adjust the following variables as well if needed:

    • domains - The domain(s) you want certificates for
    • rsa_key_size - The RSA key size (default: 4096)
    • stagingflag - Has been set to an empty string so that production certificates are used

    Note: When switching from staging to production certificates, you'll need to completely remove the existing certificates. You can use the included cleanup script:

    chmod +x cleanup-certificates.sh
    ./cleanup-certificates.sh
    

    Or manually clean up with:

    docker-compose down
    rm -rf ./data/certbot/conf/live
    rm -rf ./data/certbot/conf/archive
    rm -rf ./data/certbot/conf/renewal
    mkdir -p ./data/certbot/conf
    docker-compose up -d
    

    Important: Ensure you've set stagingflag="" in the init-letsencrypt.sh script before running this cleanup.

  2. Directory Structure

    Ensure the following directories exist on your host machine:

    mkdir -p ./data/certbot/conf
    mkdir -p ./data/certbot/www
    
  3. Starting the Service

    docker-compose up -d
    

    The first time you run the container, it will:

    • Start a temporary Nginx server
    • Request certificates from Let's Encrypt
    • Store certificates in the mounted volume
    • Restart Nginx with the SSL configuration

Certificate Renewal

Certificates will automatically renew when they're within 30 days of expiration. The container has a cron job that runs twice daily to check for renewals.
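
To confirm that the staging cleanup left a production certificate in place, and to see whether it has entered the 30-day renewal window, the following added example (not part of the SessionZero repository) inspects a certificate with openssl. It assumes the standard Certbot layout (live/<domain>/fullchain.pem under ./data/certbot/conf) and that Let's Encrypt staging issuer names contain "(STAGING)"; check_cert and its exit codes are hypothetical names used for illustration.

```shell
#!/bin/sh
# Added example: not part of the SessionZero repository.
# check_cert is a hypothetical helper. Exit codes:
#   0 = production issuer, more than 30 days left
#   1 = issued by the Let's Encrypt staging CA (clients will not trust it)
#   2 = expires within 30 days (renewal should already have run)
#   3 = certificate missing or unreadable
# Assumption: staging issuer names contain the literal "(STAGING)".

RENEW_WINDOW=$((30 * 24 * 3600))   # 30 days, in seconds

check_cert() {
    cert="$1"
    # Reading the issuer doubles as the "does this parse as a certificate" test
    if ! issuer=$(openssl x509 -in "$cert" -noout -issuer 2>/dev/null); then
        echo "unreadable: $cert"
        return 3
    fi
    echo "$issuer"
    openssl x509 -in "$cert" -noout -enddate

    case "$issuer" in
        *"(STAGING)"*)
            echo "staging certificate: run the cleanup, then re-issue"
            return 1 ;;
    esac

    # -checkend exits non-zero if the certificate expires within N seconds
    if ! openssl x509 -in "$cert" -noout -checkend "$RENEW_WINDOW" >/dev/null; then
        echo "inside the 30-day renewal window"
        return 2
    fi
    echo "production certificate, not yet due for renewal"
    return 0
}

# Usage: ./check-cert.sh ./data/certbot/conf/live/<domain>/fullchain.pem
if [ "$#" -gt 0 ]; then
    check_cert "$1"
fi
```

A result of 2 that persists for more than a day suggests the twice-daily renewal job is not running or is failing; the container logs are the next place to look.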

Troubleshooting

  1. Certificate Issuance Failed

    Check the logs:

    docker-compose logs sessionzero
    

    Common issues:

    • DNS not pointing to your server
    • Firewall blocking ports 80/443
    • Rate limits exceeded (use the --staging flag to test)
  2. Manual Certificate Renewal

    You can force a renewal by executing:

    docker-compose exec sessionzero certbot renew --force-renewal
    
  3. Starting Over

    If you need to reset and start fresh:

    docker-compose down
    rm -rf ./data/certbot
    mkdir -p ./data/certbot/conf
    mkdir -p ./data/certbot/www
    

Additional Information

  • Certificates are stored in /etc/letsencrypt inside the container, mounted to ./data/certbot/conf on the host
  • Webroot challenges are stored in /var/www/certbot inside the container, mounted to ./data/certbot/www on the host