Nginx 設定openwebrx使用ssl

systemctl stop apache2
systemctl disable apache2
apt remove apache2
apt-get install nginx

$ apt-get update
$ sudo apt-get install certbot
$ apt-get install python-certbot-nginx

crontab -e
0 12 * * * /usr/bin/certbot renew --quiet 
#每天中午執行檢查證書是否在30天內過期,如果是則更新它,--quiet指令告訴certbot不要生成輸出

server {
  listen 80;
  server_name  aaa.example.com;
  return 301 https://$server_name$request_uri;
}
server {
  listen  443 ssl;
  ssl_certificate      /etc/letsencrypt/live/aaa.example.com/fullchain.pem ;   
# let'sencrypt的預設路徑,crt或pem都可
  ssl_certificate_key  /etc/letsencrypt/live/aaa.example.com/privkey.pem;     
# let'sencrypt的預設路徑,key或pem都可
      location / {
         proxy_pass http://localhost:8073;    
#轉給openwebrx:8073,因為已在443的監聽下,雖使用ssl但還是http            
         proxy_set_header  Host $http_host;
         proxy_set_header  X-Real-IP  $remote_addr;
         proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header  X-Forwarded-Proto $scheme;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection $connection_upgrade
                  }
}