# Setup SSL Certificate for Family Budget # Run this script in PowerShell as Administrator $ErrorActionPreference = "Stop" $DOMAIN = "family-budget.duckdns.org" $EMAIL = "your@email.com" # CHANGE THIS! Write-Host "=== Setting up SSL for $DOMAIN ===" -ForegroundColor Green # Change to project directory Set-Location C:\deploy\family_budget Write-Host "`n1. Stopping certbot..." -ForegroundColor Yellow docker compose -f docker-compose.prod.yml stop certbot Write-Host "`n2. Creating self-signed certificate..." -ForegroundColor Yellow docker compose -f docker-compose.prod.yml run --rm --entrypoint sh certbot -c @" mkdir -p /etc/letsencrypt/live/$DOMAIN && \ openssl req -x509 -nodes -newkey rsa:2048 -days 365 \ -keyout /etc/letsencrypt/live/$DOMAIN/privkey.pem \ -out /etc/letsencrypt/live/$DOMAIN/fullchain.pem \ -subj '/CN=$DOMAIN' "@ Write-Host "`n3. Updating nginx configuration..." -ForegroundColor Yellow $sslConfig = Get-Content nginx\conf.d\app-ssl.conf.template -Raw $sslConfig = $sslConfig -replace '\$\{DOMAIN\}', $DOMAIN $sslConfig | Out-File -FilePath nginx\conf.d\app-ssl.conf -Encoding UTF8 # Remove HTTP config Remove-Item nginx\conf.d\app.conf -ErrorAction SilentlyContinue Write-Host "`n4. Restarting nginx..." -ForegroundColor Yellow docker compose -f docker-compose.prod.yml restart nginx Write-Host "`n5. Checking nginx status..." -ForegroundColor Yellow docker compose -f docker-compose.prod.yml ps nginx Write-Host "`n=== HTTPS Setup Complete! ===" -ForegroundColor Green Write-Host "`nYour site is now available at: https://$DOMAIN" -ForegroundColor Cyan Write-Host "`nNote: This is a self-signed certificate. Browser will show a warning." -ForegroundColor Yellow Write-Host "You can click 'Advanced' -> 'Proceed to site' to access." -ForegroundColor Yellow Write-Host "`n=== To get a real Let's Encrypt certificate later: ===" -ForegroundColor Magenta Write-Host "Run in Git Bash:" -ForegroundColor White Write-Host " export DOMAIN=$DOMAIN" -ForegroundColor Gray Write-Host " export EMAIL=$EMAIL" -ForegroundColor Gray Write-Host " bash init-letsencrypt.sh" -ForegroundColor Gray