How to add custom domain on Claudion Server

Step 1: Install Certbot and Dependencies

Certbot is the official client for Let’s Encrypt. Start by installing it:

sudo apt install certbot

sudo apt install certbot python3-certbot-nginx

⸻

Step 2: Generate SSL Certificate for Your Domain

Replace yourhostname.example.com with your actual domain:

sudo certbot certonly -a nginx -d yourhostname.example.com

After successful generation, verify it exists:

ls /etc/letsencrypt/live/yourhostname.example.com/

Step 3: Configure NGINX with SSL

Open the NGINX config for your site:

sudo vim /nginx/conf.d/frappe-bench.conf

Locate and replace the certificate lines with:

ssl_certificate /etc/letsencrypt/live/claudion.me/fullchain.pem;

ssl_certificate_key /etc/letsencrypt/live/claudion.me/privkey.pem;

💡 Replace claudion.me with your actual domain if different.

Then restart NGINX:

sudo service nginx restart

Step 4: Set Up Auto-Renewal of SSL

Open crontab:

crontab -e

Add this line to renew the certificate daily at 3:15 AM:

15 3 * * * /usr/bin/certbot -a nginx renew --quiet

Also, remove any old certificate renewal job that may interfere:

# Remove this line if it exists

0 0 */30 * *  /opt/pull_ssh_certificates.sh

⸻

Step 5: Reload NGINX After Renewal

Edit the Certbot config:

sudo vim /etc/letsencrypt/cli.ini

Add this line to automatically reload NGINX after a successful renewal:

deploy-hook = systemctl reload nginx

⸻

Step 6: Test Everything Works

Check if the timer is active:

sudo systemctl status certbot.timer

Then do a dry run of the renewal process:

sudo certbot -a nginx renew --dry-run

If no errors appear, your custom domain and SSL setup are complete!

⸻

Final Notes

• Be sure your domain is pointed to your server’s IP via DNS.

• Always restart NGINX after changing certificate paths.

• Certbot handles 90-day certificate lifespans — renewal is critical!