Flask App HTTPS Setup

Securing your website with HTTPS is essential for the modern web. We'll use a the Let's Encrypt certificate authority and a service called Certbot to set this up. Fill out the form to get relevant instructions. As our server is running nginx and Ubuntu we will follow this.

Add Certbot PPA:

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

Install Certbot:

sudo apt-get install certbot python-certbot-nginx

Adjust nginx config:

server {
        listen 80;
        server_name www.yourdomain.com;
        return 301 $scheme://yourdomain.com$request_uri;
}

server {
        listen 80;
        server_name yourdomain.com;

        location /static {
                alias /home/yourusername/yourproject/yourproject/static;
        }

        location / {
                proxy_pass http://localhost:8000;
                include /etc/nginx/proxy_params;
                proxy_redirect off;
        }
}

Get certificate:

sudo certbot --nginx

If asked about a redirect, choose to redirect all http requests to https.

Test your nginx config:

sudo nginx -t

Enable https through firewall:

sudo ufw allow https
sudo ufw enable
sudo ufw status verbose

Restart nginx:

sudo systemctl restart nginx

Simulate a cert renewal:

sudo certbot renew --dry-run

Create renewal cronjob:

sudo crontab -e

30 4 1 * * sudo certbot renew --quiet

And that's it! Your certificate will automatically renew once a month.