1,105
edits
Technician (talk | contribs) |
Technician (talk | contribs) No edit summary |
||
Line 79: | Line 79: | ||
The <code>openssl</code> decryption command will prompt you for a password. Enter the password stored in <code>/root/pwd/meta</code> on the old server. | The <code>openssl</code> decryption command will prompt you for a password. Enter the password stored in <code>/root/pwd/meta</code> on the old server. | ||
=== Put config files in place === | === Put config files in place === | ||
Line 94: | Line 88: | ||
groupadd -g 5000 vmail | groupadd -g 5000 vmail | ||
useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail | useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail | ||
=== Initialize LetsEncrypt === | |||
The first run of Certbot has to be interactive, so we will do that now. Since the DNS entries still point to the old server, we can't get a cert for the real domains. For now, make '''feministwiki.dev''' point to the IP address of the new server, then proceed with the instructions below. | |||
Stop Apache (<code>systemctl stop apache2</code>), run <code>certbot certonly --cert-name feministwiki.org</code> (yes, the name should be <code>.org</code> even though the domain will be just <code>.dev</code> for now), then follow the on-screen instructions. Use the "standalone" authentication method when asked and enter feministwiki.dev as the sole domain. | |||
=== Stop services on old server === | === Stop services on old server === | ||
Line 128: | Line 128: | ||
TODO | TODO | ||
=== Update the certificate === | |||
Run the <code>letsencrypt-refresh</code> script to get a new certificate which includes all our domain names, since we had started out with just feministwiki.dev. |