How to secure Nginx with Let's Encrypt certificate on Alpine Linux

To secure Nginx with a Let's Encrypt SSL/TLS certificate on Alpine Linux, you will need to follow these steps:

1. Install the certbot package from the package manager:

apk add certbot

2. Obtain a Let's Encrypt SSL/TLS certificate for your domain. You can do this by running the following command:

certbot certonly --standalone -d example.com

Replace example.com with your own domain. This will generate a certificate and private key pair for your domain, and store them in the /etc/letsencrypt/live/example.com directory.

3. Create a configuration file for your Nginx server that includes the SSL/TLS certificate and key. Here is an example configuration file that listens on port 443 and redirects all traffic to HTTPS:

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    location / {
        return 301 https://$host$request_uri;
    }
}

4. Restart Nginx to apply the changes:

/etc/init.d/nginx restart

This will configure Nginx to use the Let's Encrypt SSL/TLS certificate and secure all traffic to your domain with HTTPS. You can verify that your certificate is properly installed by visiting your domain in a web browser and checking for the secure padlock icon.

Note: Let's Encrypt SSL/TLS certificates are only valid for 90 days, so you will need to renew your certificate periodically to keep your site secure. You can do this by running the certbot renew command. It is recommended to set up a cron job or other automation to handle the renewal process for you.