you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (17 children)

Hey maam. This will not help, htaccess is for Apache only and reddit uses nginx.

I imagine that if you get Reddit setup correctly, this 'inconsistent server configuration' issue will go away. Right now Reddit is not running. Reddit code will handle redirecting http to https.

If you want to pass along your Reddit and nginx configs I can take a look. Don't send me your database password tho, which is in development.update.

[–][deleted]  (16 children)

[deleted]

    [–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (15 children)

    This is your main Reddit config file: /home/reddit/src/reddit/r2/development.update (beware, DB pass in here)

    And this is the nginx file where you need to plug in your new SSL cert paths: /etc/nginx/sites-available/reddit-ssl

    Don't worry about my time, I'll stop responding if need be. Your success helps our success and helps support free speech worldwide.

    [–]portcity[S] 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (14 children)

    /home/reddit/src/reddit/r2/development.update

    Really admire your commitment to these principles. Here is the development.update file: https://pastebin.com/7ErubFaD And here is the nginx: https://pastebin.com/5Z3Suycu So grateful to you!

    [–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (13 children)

    I thought that respecting "free speech" was a widely shared principle, but after a couple of years of Trump everyone is dropping like flies. Anyway...

    Your development.update looks good as far as SSL and your domain name. For nginx, we need to update the paths to your SSL cert (in /etc/nginx/sites-available/reddit-ssl) and then restart nginx.

    So change:

    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
    

    To something like this, depending on where your cert ended up. Certbot prints where it is at the end, but it's probably:

    ssl_certificate /etc/letsencrypt/live/portcity.online/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/portcity.online/privkey.pem;
    

    And then run the old

    $ sudo service nginx restart
    

    [–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (12 children)

    I tried to run certbot again and got the following errors: https://pastebin.com/50NdbGTn So then I decided to change the lines you listed above in /etc/nginx/sites-available/reddit-ssl and I got these errors: https://pastebin.com/KHPT94z7 As for this recent era in free speech ... I can't get over how the Trump people are both destroying our free speech protections (with Sesta/Fosta, lots of other examples) and simultaneously trying to claim to be free speech victims, when they are challenged or rejected for their views. It's sickening. Thanks again -- J

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (11 children)

    Try running certbot like this:

    $ sudo certbot certonly --manual --preferred-challenges dns -d saidit.net -d www.saidit.net -d m.saidit.net -d oauth.saidit.net
    

    Although you don't need all of these subdomains. The DNS challenge bit means you will need to add DNS records with your domain registrar. Certbot will tell you exactly what to add.

    [–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

    sudo certbot certonly --manual --preferred-challenges dns -d saidit.net -d www.saidit.net -d m.saidit.net -d oauth.saidit.net

    I got sudo: certbot: command not found :(

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    $ sudo add-apt-repository ppa:certbot/certbot
    $ sudo apt-get update
    $ sudo apt-get install certbot
    

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    I will add this stuff to the README

    [–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (7 children)

    sudo certbot certonly --manual --preferred-challenges dns -d saidit.net -d www.saidit.net -d m.saidit.net -d oauth.saidit.net

    I just can't seem to get this right. After installing certbot, and running the long command quoted above, and entering 4 TXT files at my domain registrar, I get these errors: https://pastebin.com/HHcVnJB9

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (6 children)

    You've gotta use your own domain, not SaidIt.net ! You will need to update those DNS records when you try again.

    [–]portcity[S] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (5 children)

    lmao how fast can I wear out my welcome ... I'm certainly trying, aren't I?