Flask App HTTPS Setup
Securing your website with HTTPS is essential for the modern web. We'll use a the Let's Encrypt certificate authority and a service called Certbot to set this up. Fill out the form to get relevant instructions. As our server is running nginx and Ubuntu we will follow this.
Add Certbot PPA:
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
Install Certbot:
sudo apt-get install certbot python-certbot-nginx
Adjust nginx config:
server {
listen 80;
server_name www.yourdomain.com;
return 301 $scheme://yourdomain.com$request_uri;
}
server {
listen 80;
server_name yourdomain.com;
location /static {
alias /home/yourusername/yourproject/yourproject/static;
}
location / {
proxy_pass http://localhost:8000;
include /etc/nginx/proxy_params;
proxy_redirect off;
}
}
Get certificate:
sudo certbot --nginx
If asked about a redirect, choose to redirect all http requests to https.
Test your nginx config:
sudo nginx -t
Enable https through firewall:
sudo ufw allow https
sudo ufw enable
sudo ufw status verbose
Restart nginx:
sudo systemctl restart nginx
Simulate a cert renewal:
sudo certbot renew --dry-run
Create renewal cronjob:
sudo crontab -e
30 4 1 * * sudo certbot renew --quiet
And that's it! Your certificate will automatically renew once a month.