给 Phabricator 增加 Lets Encrypt 证书

2018/11/13 03:27:34 [emerg] 1#1: BIO_new_file("/etc/letsencrypt/ xxx/cert.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/xxx/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: [emerg] BIO_new_file("/etc/letsencrypt/xxx/cert.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/xxx/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

$ sudo apt-get install software-properties-common
...

OK

$ sudo apt-get update

$ sudo certbot --nginx

Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/default

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/xxx/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/xxx/privkey.pem
   Your cert will expire on 2019-02-11. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

$ docker exec -it phabricator bash
$ config set phabricator.base-uri https://$SITE_URL
$ config set security.require-https 'true'
$ cat > /opt/bitnami/phabricator/support/preamble.php <<EOF
<?php

\$_SERVER['HTTPS'] = true;
EOF

$ docker-compose restart phabricator