Woocommerce using Varnish, Hitch SSL, Cloudflare, Letsencrypt, NGINX with sockets

Discussion in 'Ecommerce / Shopping cart usage' started by Atrix, Jul 2, 2020.

  1. ahmed

    ahmed Active Member

    361
    49
    28
    Feb 21, 2017
    Ratings:
    +63
    Local Time:
    1:47 PM
    Looks like that was the magic code, thanks a lot :)

     
  2. ahmed

    I'm so sorry for the many questions, but I hope my questions will be of benefit to those who want to try this out.

    On Eva's steps:

    I got this error


    Code:
    [12:03][root@centos-7-1 etc]# bash ~/cert-letsencrypt.sh
    [Wed Jul  8 12:04:27 UTC 2020] Unknown parameter : --renew-hook=/usr/bin/hitch-deploy-hook
    Would appreciate your help.
     
  3. ahmed

    Looks like this hook is deprecated.

    here is a google search

    Clarify and expand renewal-hook documentation · Issue #5935 · certbot/certbot

     
  4. ahmed

    certbot -q renew --renew-hook "service nginx reload"
     
  5. ahmed

    deploy-hook is also an unknown parameter
     
  6. eva2000

    eva2000 Administrator Staff Member

    54,348
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    9:47 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  7. ahmed

    I'm using your steps

    Code:
    /root/.acme.sh/acme.sh --issue --dns dns_cf -d 1111.com -d '*.11111.com' -k 2048 --useragent centminmod-centos7-acmesh-dns --renew-hook="/usr/bin/hitch-deploy-hook" --post-hook="service reload hitch"
    this is the sh
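
Hitch loads the private key and the certificate chain from one PEM file, so whatever runs as the renewal hook has to rebuild that file before hitch is reloaded. The sketch below is an added example, not code from this thread or from the hitch package; `build_hitch_pem` and the paths in its usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: build the single PEM file hitch loads (private key followed
# by the certificate chain) from a renewed key/fullchain pair.
# build_hitch_pem is a hypothetical helper name.

build_hitch_pem() {
    key=$1 chain=$2 out=$3

    # Refuse missing, empty or mislabelled inputs so a failed renewal can
    # never replace a working bundle with a broken one.
    [ -s "$key" ] && [ -s "$chain" ] || { echo "missing key or chain" >&2; return 1; }
    grep -q 'PRIVATE KEY-----' "$key" || { echo "no private key in $key" >&2; return 1; }
    grep -q 'BEGIN CERTIFICATE-----' "$chain" || { echo "no certificate in $chain" >&2; return 1; }

    # mktemp creates the file with mode 0600 next to the target; the rename
    # then swaps it in atomically, so hitch never reads a half-written file
    # and the private key is never group- or world-readable.
    tmp=$(mktemp "$out.XXXXXX") || return 1
    if cat "$key" "$chain" > "$tmp" && mv -f "$tmp" "$out"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# Constructed usage from a renewal hook (the output path is an assumption),
# to be followed by a hitch reload:
#   build_hitch_pem /etc/letsencrypt/live/example.com/privkey.pem \
#                   /etc/letsencrypt/live/example.com/fullchain.pem \
#                   /etc/hitch/example.com.pem
```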
     
  8. ahmed

  9. ahmed

    looks like he omitted the hook altogether
     
  10. ahmed

    I will go back to Atrix's method. It was having an installation error (Cloudflare version was not updated), but now installation is fine.

    so much work 0:)
     
  11. ahmed

    Good news, almost done.

    But the Cloudflare needs to be updated so as not to use the master account credential, which is not safe.

    I tried to update it but it was messy and asked for an updated OpenSSL, so I gave up.

    Also, you need to add that it is OK to have errors after the bash command, as the important thing is to get

    -
    Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/example.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/example.com/privkey.pem
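
The credential concern raised above can be checked mechanically. This added example is not part of the original thread; it assumes the certbot dns-cloudflare plugin's credentials file, where `dns_cloudflare_email` plus `dns_cloudflare_api_key` is the account-wide Global API key and `dns_cloudflare_api_token` is a scoped token. `audit_cf_credentials` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: flag a certbot dns-cloudflare credentials file that still
# carries the account-wide Global API key or is readable by other users.
# audit_cf_credentials is a hypothetical helper name.

audit_cf_credentials() {
    f=$1
    rc=0
    [ -f "$f" ] || { echo "FAIL: $f not found"; return 2; }

    # Global API key form: dns_cloudflare_email + dns_cloudflare_api_key.
    # That key can act on every zone and setting in the account.
    if grep -Eq '^[[:space:]]*dns_cloudflare_api_key[[:space:]]*=' "$f"; then
        echo "FAIL: Global API key in use (dns_cloudflare_api_key)"
        rc=1
    fi

    # Scoped form: one dns_cloudflare_api_token, which can be restricted to
    # DNS edits on the zones that need certificates.
    if ! grep -Eq '^[[:space:]]*dns_cloudflare_api_token[[:space:]]*=[[:space:]]*[^[:space:]]' "$f"; then
        echo "FAIL: no dns_cloudflare_api_token entry"
        rc=1
    fi

    # All group/other permission bits must be clear (mode 600 or 400).
    perms=$(ls -ld "$f" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $f is accessible to group/other"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: scoped token, owner-only file"
    return "$rc"
}
```

A non-zero return means at least one finding; return code 2 means the file was not found.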
     
  12. ahmed

    Moving forward:

    I guess it is better to use

    include /usr/local/nginx/conf/cloudflare.conf;


    Code:
    ## NGINX CONFIGS ##
    Nginx configuration for our hitch ssl, varnish setup
    Add this to line 59 of /usr/local/nginx/conf/nginx.conf
    Code:
    real_ip_header X-Forwarded-For;
    set_real_ip_from unix:;
    real_ip_recursive on;
     
  13. ahmed

    Also, you need to correct this:

    "missing the conf dir"

    rename /usr/local/nginx/conf/conf.d/site.com.ssl.conf to /usr/local/nginx/conf/conf.d/site.com.ssl.conf-disabled

    This is because nginx will only be serving http requests because that is all varnish understands. Hitch does ALL the SSL work.
     
  14. ahmed

    Hooray it is up and running now, thanks a lot to Atrix and Eva :):p:D:D:D:whistle::whistle::whistle::whistle::whistle:
     
  15. ahmed

    Also, you need to delete the crontab part for the caching plugin you chose during the centmin 22 option install.
     
  16. ahmed

    Also, nano /etc/varnish/default.vcl and change the logged-in user cookie according to the plugin in WordPress.
     
  17. ahmed

    upload_2020-7-9_0-15-33.png

    Do we need this step?
     
  18. ahmed

    I have a question if I need to install another domain using varnish, what shall I will

    use another files:

    nano ~/cert-letsencrypt-domain2.sh
    nano /etc/hitch/hitch-domain2.conf

    or there is another thing I'm missing?
     
  19. ahmed

    Also, you are missing this code:

    Code:
    systemctl enable --now hitch varnish nginx
    
     
  20. ahmed

    Still, the above code did not solve the error after reboot; I have to run bash ~/restartservices.sh

    Also, what about if PHP crashes? Shall these services restart on their own to prevent downtime?