# check firewall options
sudo ufw app list
# allow all HTTP and HTTPS traffic through the firewall
sudo ufw allow 'Nginx Full'
# confirm updated status
sudo ufw status
# NOTE: On GCP, the status will show inactive since the firewall is external
# create a symlink in sites-enabled
sudo ln -s /etc/nginx/sites-available/vikramtiwari.com /etc/nginx/sites-enabled/
# check if nginx config is correct
sudo nginx -t
# restart nginx
sudo systemctl restart nginx
# check nginx status
sudo systemctl status nginx
# find your IP address
dig +short myip.opendns.com @resolver1.opendns.com.
Now use your IP address to create an "A" type DNS record with your provider. As soon as the DNS settings are live, you should be able to access your app on your website.
Set up Let's Encrypt
# install certbot and nginx plugin
sudo apt install certbot python3-certbot-nginx
# get certificates
sudo certbot --nginx -d vikramtiwari.com -d www.vikramtiwari.com
# Follow the prompts in the terminal until it shows the "Congratulations!" message
At this point everything is set up and you are ready to receive HTTPS traffic.
Verification of HTTPS
Using the CLI
sudo certbot renew --dry-run
From the nginx file. Your nginx site file should now have the following entries:
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/vikramtiwari.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/vikramtiwari.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
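The check against the nginx file can be scripted. The following is an added example, not part of the original page: it confirms that each of the entries listed above is present and not commented out. The function names and the temporary sample file are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): confirm that an nginx site file
# has the active TLS directives Certbot writes for a domain.

# check_certbot_tls CONF DOMAIN -> prints missing items, returns 0 if none.
check_certbot_tls() {
    live="/etc/letsencrypt/live/$2"
    # Drop comments and normalize whitespace, so a commented-out directive
    # (e.g. "# ssl_dhparam ...") is not counted as present.
    active=$(sed -e 's/#.*//' -e 's/[[:space:]]\{1,\}/ /g' \
                 -e 's/^ //' -e 's/ $//' "$1")
    missing=0
    # need LABEL FLAG STRING: FLAG -F matches a substring, -Fx a whole line.
    need() {
        if ! printf '%s\n' "$active" | grep -q "$2" -- "$3"; then
            echo "MISSING: $1"
            missing=1
        fi
    }
    need "IPv4 TLS listener"   -F  "listen 443 ssl"
    need "IPv6 TLS listener"   -F  "listen [::]:443 ssl"
    need "certificate chain"   -Fx "ssl_certificate $live/fullchain.pem;"
    need "private key"         -Fx "ssl_certificate_key $live/privkey.pem;"
    need "Certbot TLS options" -Fx "include /etc/letsencrypt/options-ssl-nginx.conf;"
    need "DH parameters"       -Fx "ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;"
    return "$missing"
}

# Constructed sample input: the entries listed above, inside a server block.
write_sample_conf() {
    cat > "$1" <<'EOF'
server {
    server_name vikramtiwari.com www.vikramtiwari.com;
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/vikramtiwari.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/vikramtiwari.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
check_certbot_tls "$sample" vikramtiwari.com && echo "OK: all Certbot TLS directives active"
rm -f "$sample"
```

On the server, pass /etc/nginx/sites-available/vikramtiwari.com as the first argument instead of the sample file.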