Setting up Certbot

# add certbot PPA
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

# install certbot with nginx
sudo apt-get install certbot python3-certbot-nginx

# install certbot with apache
sudo apt install certbot python3-certbot-apache

# run certbot
sudo certbot --apache -d domain_name.com

# output
/etc/letsencrypt/live/domain_name.com/fullchain.pem
/etc/letsencrypt/live/domain_name.com/privkey.pem # key file

# configure ssl
cd /etc/apache2/sites-available/

sudo vim 000-default-le-ssl.conf

# edit
ProxyPass / http://127.0.0.1:8001/ # paste before ServerName
ProxyPassReverse / http://127.0.0.1:8001/ # paste before ServerName

ServerName domain_name.com

# enable proxy modules
sudo a2enmod proxy
sudo a2enmod proxy_http

# restart apache
sudo systemctl restart apache2

# run fastapi server
nohup uvicorn main:app --host 127.0.0.1 --port 8001

Renewal

# check cert status
sudo certbot certificates

# generate apache certificate
sudo certbot --apache



# renew certbot (actual renew)
sudo certbot renew
sudo certbot renew --dry-run

sudo certbot renew --apache