# api.txyundm.cn Certbot Commands

This file records the production commands for the Ubuntu administrator. Do not run them from Windows or WSL.

## Preconditions

- DNS for `api.txyundm.cn` points to the production Ubuntu server.
- Nginx serves `/.well-known/acme-challenge/` from `/var/www/certbot` on port 80.
- Ports 80 and 443 are open.

## Issue

```bash
sudo mkdir -p /var/www/certbot
sudo certbot certonly --webroot -w /var/www/certbot -d api.txyundm.cn
```

## Install Nginx Site

```bash
sudo install -m 0644 /opt/apps/qipai-repo/deploy/nginx/api.txyundm.cn.conf.template /etc/nginx/sites-available/qipai-api.conf
sudo ln -sfn /etc/nginx/sites-available/qipai-api.conf /etc/nginx/sites-enabled/qipai-api.conf
sudo nginx -t
sudo systemctl reload nginx
```

## Renew Dry Run

```bash
sudo certbot renew --dry-run
```