make server with domain HTTPS

[ndogota]

I spent half a day trying to get HTTPS to work with certificates valid for my browser (with my own domain).

So if it can help you as explained in the documentation we must acquire valid certificates.
Using certbot I had trouble finding the command for a standalone server install (because I'm using the docker install).
The client didnt sync with a bad cert even using script.

Finally the command was (to get valid cert):
sudo certbot certonly --standalone --agree-tos --preferred-challenges http -d domain-name.com

explained in this documentation : https://serverspace.io/support/help/how-to-get-lets-encrypt-ssl-on-ubuntu/

and if its still not working, check configuration of UFW to allow 443 and 80 connections.

thanks for your project, I was working in Notion before, but the idea of ​​knowing that the base does not really belong to me and the fact of wanting to have a total hand on my second brain, made me install your solution.
really thank you for that, I'm also a litle programmer so I will for sure adapt the dashboard for my uses and share code about it (I just need to understand the architecture better before). (being able to put script in my productivity app <3)

[sigaloid]

Hi, I recommend switching your reverse proxy to Caddy if possible. My whole reverse proxy config is now three lines long (and nothing is about HTTPS, it is automatic) and it retrieves new certificates automatically. Manually managing certbot was such a pain. I also manage more than a dozen trilium instances' SSL certificates with Caddy and I don't think about it at all.

Let me know if you need instructions for caddy. I can write up a doc page.

[ndogota]

@sigaloid
thank you for your answer, I went to the simplest way so I don't even have a reverse proxy, but it's true that it could have been a good idea (related to security too, I'm not very well trained so I am convinced that my installation must not be very secure)
I don't quite understand how Caddy works? it runs on a server different from the web server?
thank you for your answer, for the moment I will leave the installation as it is, and thank you for the advice.
I am currently at DigitalOcean, so in terms of data protection it is not the best compromise, so my long-term objective is to host the server myself at home (using why not a rasberrypi) (and open some ports/vpn to access from outside securely)
anyway thank you for your answer

[sigaloid]

A reverse proxy runs on the same server, essentially another process running that manages incoming web requests. It's the typical recommended way to run servers since it gives you flexibility and handles SSL automatically