I have HAOS running on a co.uk domain, and a separate .com domain hosted on a nginx web server (on an Ubuntu VM). Both VM’s are on Proxmox.
I am using nginx on the Ubuntu web server to forward proxy requests to the HAOS domain, so:
- My HAOS host is at 192.168.1.225:8123
- My niginx server is at 192.168.1.36
- My HA domain name is home.domain1.co.uk
- My other web domain name is domain2.com
- My router has ports 80 and 443 forwarded to 192.168.1.36
- I have copied my SSL certs for home.domain1.co.uk from my HAOS host to /etc/letsencrypt/live/home.domain1.co.uk
This is my home.domain1.co.uk file (in the sites-available folder on 192.168.1.36):
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/home.domain1.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.domain1.co.uk/privkey.pem;
server_name home.domain1.co.uk;
location / {
proxy_pass https://192.168.1.225:8123/;
proxy_set_header Host $host;
}
location /api/websocket {
proxy_pass https://192.168.1.225:8123/api/websocket;
proxy_set_header Host $host;
}
}
Everything seems to be working, but I’m unclear which SSL certs are being used for my HAOS domain - the ones on the nginx host. or the ones on the nginx host?
The reason I need to know is so that I know how to renew them - they were created on the HAOS host, using the Let’s Encrypt add-in.
Now that port 80 is being forwarded to the nginx server (not the HAOS server), does this mean that I can no longer use the Let’s Encrypt add-in to update the SSL certs when they expire? If so, what would be the best way to renew them automatically?