Update README

lnicola · Jan 23, 2017 · 46a53f1 · 46a53f1
1 parent c53f21d
commit 46a53f1
Showing 1 changed file with 28 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -8,8 +8,6 @@ It uses the Certbot settings from the last execution. The `webroot` or `nginx` a
 recommende since this unit no longer stops `nginx`. If you are using the `standalone` mode, `certbot`
 will not be able to bind to the `HTTP` port.
 
-Please see the Certbot documentation for information about migrating to another authenticator.
-
 # Installation
 ## Arch Linux
 On Arch Linux you can use the `certbot-systemd-nginx` AUR package.
@@ -22,3 +20,31 @@ location:
     # systemctl daemon-reload
     # systemctl start certbot-nginx.service # to run manually
     # systemctl enable --now certbot-nginx.timer # to use the timer
+
+# Configuring nginx for webroot
+Migrating to the `webroot` authenticator is pretty simple, but don't forget to make a backup of your
+configuration file (`/etc/nginx/nginx.conf` or similar).
+
+If you are hosting a site, edit the configuration file and add the following lines:
+
+    location ~ /.well-known {
+        allow all;
+    }
+
+If you're running a reverse proxy, pick a directory, create it and set it as root:
+
+    location ~ /.well-known {
+        root /var/www/html;
+        allow all;
+    }
+
+After making the changes, test and reload the new configuration:
+
+    # nginx -t
+    # systemctl reload nginx
+
+and do a manual run of `certbot` to update its settings:
+
+    # certbot certonly --webroot -w /var/www/html -d example.com --force-renewal
+
+For more information, please see the Certbot or nginx documentation.