Use SSL on Mup deploy for free


#1

I use Mup to deploy my app to hosting.
How to use SSL for free?


#2

Easy, first create an account in https://www.sslforfree.com/ sslforfree
this will help you see the status of the ssl you will be using for your domain.

Then enter the domain you want to obtain ssl for free on the cover page of sslforfree

Use the Manual validation DNS option

Then apply the txt records on the dns config of your domain.

Wait until the txt records are propagated.

Configure mup with ssl config found on mup documentation webpage
http://meteor-up.com/docs.html#ssl-support

here is my mup.js configuration configuration

module.exports = {
  servers: {
    one: {
      host: '***.***.***.***',
      username: 'root',
      pem: '~/.ssh/id_rsa',
      // password: 'server-password'
      // or neither for authenticate from ssh-agent
    }
  },
  meteor: {
    name: '******',
    path: '~/Meteor/******',

    servers: {
      one: {},
    },

    buildOptions: {
      serverOnly: true,
    },

    env: {
      // If you are using ssl, it needs to start with https://
      //PORT: 3010,
      ROOT_URL: 'https://******.com',
      MONGO_URL: 'mongodb://localhost/meteor',
      //VIRTUAL_HOST: 'https://******.com', not needed because proxy configured in proxy object below in configuration, thats why i commented this
    },
    docker: {
      // change to 'kadirahq/meteord' if your app is using Meteor 1.3 or older
      image: 'abernix/meteord:node-8.4.0-base',
    },

    // Show progress bar while uploading bundle to server
    // You might need to disable it on CI servers
    enableUploadProgressBar: true
  },
  proxy: {
    // comma separated list of domains your website
    // will be accessed at.
    // You will need to configure your dns for each one.
    domains: '******.com',
    ssl: {
      // Enable let's encrypt to create free certificates
      letsEncryptEmail: '******@******.com',
    }
  },
  mongo: {
    version: '3.4.1',
    servers: {
      one: {}
    }
  }
};


#3

Thanks for your reply, but I get error


#4

Don’t put :3000 in the name ! Use manual verification as you’re not using port 80 :wink:


#5

Also, you cant validate per ip (in mup), instead put the domain or domains you want to use with ssl, then proceed to manual verification.

in manual verification (DNS) step you need to setup dns text records in the interface where you manage your registered domains.

after the dns text records have been propagated (probably you will need to wait an hour if the time to live (ttl) is set to 3600 seconds)

click on Verify_acme_challenge.mydomain.com

this screen will appear when successfull verification.

This is important because mup uses txt records to verify it can automatically renew ssl certificates.

Enjoy your free ssl certificate and keep rocking


#6

Excuse me, not understand.
It still has the same problem

module.exports = {
  servers: {
    one: {
      host: '172.104.57.72',
      username: 'root',
      password: '********'
    }
  },

  meteor: {
    name: 'myApp',
    path: '../myApp',
    servers: {
      one: {}
    },
    buildOptions: {
      serverOnly: true,
    },
    env: {
      ROOT_URL: 'http://172.104.57.72/',
      MONGO_URL: 'mongodb://localhost/mydb',
      PORT: 3000
    },
    dockerImage: 'abernix/meteord:base',
    deployCheckWaitTime: 120
  },

  mongo: {
    oplog: true,
    port: 27017,
    servers: {
      one: {},
    },
  },
};

Please help me


#7

Check my mup config in my first post, if you copy it you will get correct parameters.

first differente is the ROOT_URL: note it start with https not http

second, note i use a domain, not an ip, for this prerequisite you will need to configure your domain with and A record in your dns config to point to the ip, what mup will configure is nginx to proxy your domain to your ip and port (this is done automatically, because mup uses docker image jwilder-nginx

are you familiarized with DNS configurations?


#8

thanks for your reply, I have a problem with Manually Verify Domain (DNS), (notmup.js`)


#9

So it mean that I must create domain link to this IP first?


#10

If in case soem body is still struggling with this.

http://talesofkingarch.blogspot.com/2018/10/installing-ssl-on-aws-instance-digital.html


#11

Sorry if I misunderstand the question, but using free LetsEncypt SSL with MUP should be as easy as adding a few lines to the mup config file as per the reverse proxy settings http://meteor-up.com/docs.html#ssl

Don’t forget to do mup setup and mup reconfig after changing the config file.

There’s no need to signup with any certificate authority. Unless you need wildcard domain support which LetsEncrypt doesn’t support?


#12

If you get any errors while running above mentioned commands, remember to run mup stop before running these commands. Rest is pretty straightforward, just follow mup documentation.