I’m updating a small deployment set up for a friend and have hit a snag. I’m not sure how to integrate Let’s Encrypt via certbot with a distillery based deployment.
I already have a distillery 1.5 based deployment set up on Ubuntu 16.04 based server handling http with nginx. I’m in the process of updating this to use distillery 2 and phoenix 1.4. I figured why not take advantage of cowboy 2‘s http2 support and simplify the set up by getting rid of `nginx’ ala steps found in https://blog.progressplum.app/ssl-migration-from-nginx-to-cowboy-2-in-phoenix-1-4/.
My question is how would this work with distillery?
I’m seeing some Elixir packages for handling acme stuff via the app itself, but nothing is jumping out at me as working with phoenix 1.4 well or in combination with distillery.
I’ve written site_encrypt for this purpose. It’s been used for the past 6 months or so on my blog site. The blog itself is an Elixir powered system which uses Phoenix 1.3, and runs as an OTP release built with distillery 1.x. The project source can be found here. The Elixir project is in the site folder, so you can consult that as a template. There’s also a small demo project included in the library repo.
I haven’t tried using site_encrypt with Phoenix 1.4, but in theory it should work. If there are some problems, please open up an issue on GitHub.
I’m the author of the first article you linked to.
The examples I give are for Distillery, albeit Distillery 2.0. I give an example Mix.Config file that you can use for production. You’ll have to change the values themselves to values like "$MY_ENV_VAR" and allow values to be replaced at run-time with REPLACE_OS_VARS=true.
I’ll update the post to include how you’d do SSL renewal.