×

This article covers how to install GitLab on your local devices or server. Also, you will learn how to integrate the GitLab CE into our local Ubuntu system. GitLab CE, or Community Edition, is an open-source application primarily used to host Git repositories, with additional development-related features like issue tracking. It is designed to be hosted using your own infrastructure, and provides flexibility in deploying as an internal repository store for your development team, a public way to interface with users, or a means for contributors to host their own projects.



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also, you will learn how to set up a cronjob for automatic certificate renewal.

Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. 


To Install Certbot on Ubuntu:

1. First, add the repository.

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Nginx package with apt:

$ sudo apt install python-certbot-nginx



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also you will learn how to set up a cronjob for automatic certificate renewal.


To install the Certbot software on Debian:

1. Update your package list.

$ sudo apt update

2. Next, install the dependencies for the python3-certbot-nginx package, which include the python3-acme, python3-certbot, python3-mock, python3-openssl, python3-pkg-resources, python3-pyparsing, and python3-zope.interface packages.

$ sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface

3. Finally, install the python3-certbot-nginx package:

$ sudo apt install python3-certbot-nginx



This article covers how to use the certbot Let’s Encrypt client to obtain a free SSL certificate and use it with Nginx on CentOS 7. 

Let's Encrypt is a new Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. 

Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx web servers.


To Install the Certbot Let's Encrypt Client:

1. Enable access to the EPEL repository on your server by typing:

$ sudo yum install epel-release

2. Once the repository has been enabled, you can obtain the certbot-nginx package by typing:

$ sudo yum install certbot-nginx


How to Install Nginx on CentOS ?

1. To install Nginx, run the command:

$ sudo yum install nginx

2. Then, start Nginx using systemctl:

$ sudo systemctl start nginx


How to configure firewall on CentOS ?

If you have a firewall enabled, make sure port 80 and 443 are open to incoming traffic.

1. If you have a firewalld firewall running, you can open these ports by typing:

$ sudo firewall-cmd --add-service=http
$ sudo firewall-cmd --add-service=https
$ sudo firewall-cmd --runtime-to-permanent

2. If have an iptables firewall running, the commands you need to run are highly dependent on your current rule set. For a basic rule set, you can add HTTP and HTTPS access by typing:

$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT



This article covers how to install Let’s Encrypt SSL on Ubuntu 18.04 by using Certbot. Enabling an encrypted connection to the web server is fundamental because it allows you to use the secure HTTPS protocol for your website. Let's Encrypt, a Certification Authority issues a free certificate completely in line with the required security standards. Let's Encrypt simplifies the process for installing the security certificate to help even the less experienced user secure a website through the use of the Certbot client.


To Install Certbot client on Ubuntu:

1. First, add the Certbot repository:

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Apache package with apt:

$ sudo apt install python-certbot-apache



This article covers how to secure Apache with Let's Encrypt SSL on CentOS 7 using Certbot client. Also, you will learn how to set up a cronjob for automatic certificate renewal. Basically, A security certificate is critical for securing traffic sent from web browsers to web servers. Let's Encrypt certificate is a free, open and automated certificate authority that you can use to encrypt your site. The certificate expires after every 90 days and auto-renews at absolutely no cost.


To Install Certbot in CentOS 8.

Certbot is a client that automates the installation of the security certificate. It fetches the certificate from Let's encrypt authority and deploys it on your web server without much of a hassle.

1. Before downloading certbot, first, install packages that are necessary for the configuration of an encrypted connection:

$ sudo dnf install mod_ssl openssl

2. Download certbot using the curl command:

$ sudo curl -O https://dl.eff.org/certbot-auto

3. Next, move the certbot file to the /usr/local/bin directory and assign the execute file permissions:

$ sudo mv certbot-auto /usr/local/bin
$ sudo chmod 755 /usr/local/bin/certbot-auto


To Assign the permissions to the Document root of a domain:

$ sudo chown -R apache:apache /var/www/domain.com

For the changes to come into effect, restart the Apache service:

$ sudo systemctl restart httpd



This article covers how to use certbot client of Let’s Encrypt to obtain SSL certificate for you domain.

To set these up DNS records for your server, you can follow these instructions for adding domains and then these instructions for creating DNS records:

  • An A record with your_domain pointing to your server’s public IP address.
  • An A record with www.your_domain pointing to your server’s public IP address.


To install Certbot as a snap on Debian

You must first have snapd installed on your server. 

snapd is a daemon required to install, use, and manage snaps. 

Installing the snapd package will also install the snap command on your server.

1. To install snapd, update your local package index if you've not done so recently:

$ sudo apt update

2. Then install the snapd package:

$ sudo apt install snapd

After running this command, you'll be prompted to confirm that you want to install snapd and its dependencies.

Do so by pressing Y and then ENTER.

3. Next, use the snap command to install the core snap. This will install some dependencies on your server that are needed for any snap you install, including the Certbot snap:

$ sudo snap install core

4. Then refresh the core snap. Doing so will ensure that you have the latest versions of snapd and its dependencies installed:

$ sudo snap refresh core

Following that, you can install the certbot snap with the following command.

5. Because Certbot must be allowed to edit certain configuration files in order to correctly set up certificates, this command includes the --classic option. This confinement level allows any snaps installed under it the same access to system resources as traditional packages:

$ sudo snap install --classic certbot

6. Create a symbolic link to this file in the /usr/bin/ directory to ensure that you can run the certbot command anywhere on your system:

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot



This tutorial will guide you on how to get Nginx server installed and configured on an Ubuntu Linux 18.04 LTS server.

Nginx is one of the most popular web servers in the world and is responsible for hosting some of the largest and highest-traffic sites on the internet. It is more resource-friendly than Apache in most cases and can be used as a web server or reverse proxy.


Nginx Configuration Files Structure

  • All configuration files are located in the /etc/nginx/ directory.
  • Nginx main configuration file is at /etc/nginx/nginx.conf.
  • It's best practice to create a separate configuration file of each domain for better maintainability.
  • New server blocks (configuration file) of each domain should be stored in /etc/nginx/sites-availabledirectory. You need to make symlink of these configuration files at /etc/nginx/sites-enabled to take in used by Nginx.
  • Activating server blocks is done by creating a symlink (a pointer) from the configuration file sites in a /etc/nginx/sites-enabled directory to the sites-enabled directory.
  • The default server web root directory is /var/www/html
  • It's best practice to to follow standard naming convention. Nginx server block files name should as domain name and must end with .conf extension. For example, your domain name is example.com then server block file name should example.com.conf
  • Nginx log files (access.log and error.log) are located in the /var/log/nginx/ directory. It's also recommended to have a different access and error log files for each server block.




More Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on IbmiMedia.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com