{"id":30663627,"url":"https://github.com/eustasy/bubbly","last_synced_at":"2025-08-31T17:14:06.969Z","repository":{"id":61097023,"uuid":"45573924","full_name":"eustasy/Bubbly","owner":"eustasy","description":"BASH: Better SSL in Nginx in 10 minutes. Configuration files and setup scripts for Certbot.","archived":false,"fork":false,"pushed_at":"2025-05-03T03:48:17.000Z","size":474,"stargazers_count":219,"open_issues_count":5,"forks_count":21,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-07-20T01:05:10.016Z","etag":null,"topics":["acme","certbot","certificate","letsencrypt","nginx","ssl"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eustasy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"issuehunt":"eustasy","ko_fi":"eustasy"}},"created_at":"2015-11-04T23:20:38.000Z","updated_at":"2025-06-19T18:22:56.000Z","dependencies_parsed_at":"2025-07-20T00:31:16.029Z","dependency_job_id":"ae2a06c2-ce45-40f8-81c9-415cb91ae638","html_url":"https://github.com/eustasy/Bubbly","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/eustasy/Bubbly","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eustasy%2FBubbly","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eustasy%2FBubbly/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eustasy%2FBubbly/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eustasy%2FBubbly/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eustasy","download_url":"https://codeload.github.com/eustasy/Bubbly/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eustasy%2FBubbly/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273011006,"owners_count":25030371,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-31T02:00:09.071Z","response_time":79,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme","certbot","certificate","letsencrypt","nginx","ssl"],"created_at":"2025-08-31T17:14:06.251Z","updated_at":"2025-08-31T17:14:06.963Z","avatar_url":"https://github.com/eustasy.png","language":"Shell","funding_links":["https://issuehunt.io/r/eustasy","https://ko-fi.com/eustasy"],"categories":[],"sub_categories":[],"readme":"# Bubbly\n\n##### For configuring Certbot with Nginx as quickly and securely as possible.\n\n[![Normal](https://github.com/eustasy/Bubbly/actions/workflows/normal.yml/badge.svg)](https://github.com/eustasy/Bubbly/actions/workflows/normal.yml)\n[![Code Climate](https://codeclimate.com/github/eustasy/bubbly/badges/gpa.svg)](https://codeclimate.com/github/eustasy/bubbly)\n\nIf you want an instant A+ score on Qualys [SSL Labs](https://www.ssllabs.com/ssltest/analyze.html?d=lewisgoddard.me.uk) and A score on [SecurityHeaders.io](https://securityheaders.io/?q=lewisgoddard.me.uk\u0026followRedirects=on), then this is what you'll need to do. You won't need any familiarity with [Certbot](https://github.com/certbot/certbot), [Let's Encrypt](https://letsencrypt.org/), the ACME spec, or SSL in general, just basic Nginx configuration.\n\n**1. Install Certbot and Clone Bubbly**\n\nWe'll start off by cloning the project into the home folder with git.\n\n```\ncd \u0026\u0026\nsudo apt install git certbot \u0026\u0026\ngit clone https://github.com/eustasy/bubbly\n```\n\n**2. Generate Statics**\n\nGenerate the static keys once per server.\n\n```\n~/bubbly/bubbly_generate-statics.sh\n```\n\nAs it will warn, this will take a while.\n\nHave a seat.\n\n**3. Copy config blocks**\n\nWhen you've gone and made something in the 15 minutes that could well take, or you've just set up a new SSH session, copy the Nginx configuration over to the Nginx area.\n\n```\n~/bubbly/bubbly_copy-configs.sh\n```\n\n**4. Configure \u0026 Enable Verification**\n\nCopy the verification site template and replace the instances of `example.com` in the file with your actual domain name.\n\n```\nsudo cp /etc/nginx/sites-available/bubbly_verify.conf /etc/nginx/sites-available/example.com.conf\nsudo nano /etc/nginx/sites-available/example.com.conf\n```\n\nUse `Ctrl` and `\\` to initiate a search and replace for `example.com` with your domain.\n\n```\nsudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf\nsudo nginx -t \u0026\u0026 sudo service nginx reload\n```\n\nAlternatively, you can simply add `include location/bubbly_well-known-passthrough.conf;` to an existing site you want to continue working while we upgrade.\n\n\n**5. Fetch Certificates**\n\nFetch your certificates like this:\n\n```\n~/bubbly/bubbly_renew-ssl.sh -d example.com -d www.example.com\n```\n\nIt will ask for the root password, and an email address, so hang around, it shouldn't take more than a few seconds.\n\nIt should also tell you Certbot set up auto-renewals in the background.\n\n**6. Start using the Certificates**\n\nRemove the verification config you just made, and replace it with a live version of the site. You'll need to more carefully review the `[OPTION]`s in this file, as you'll also need to change the certificate location to match the domain name you requested. Consider taking a look at the `[OPTION]`s and `[WARNING]`s in other linked config files.\n\n```\nsudo rm /etc/nginx/sites-available/example.com.conf\nsudo cp /etc/nginx/sites-available/bubbly_live.conf /etc/nginx/sites-available/example.com.conf\nsudo nano /etc/nginx/sites-available/example.com.conf\n```\n\nUse `Ctrl` and `\\` to initiate a search and replace for `example.com` with your domain.\n\n```\nsudo nginx -t \u0026\u0026 sudo service nginx reload\n```\n\n---\n\n![Screenshot of SSLLabs.com](https://raw.githubusercontent.com/eustasy/bubbly/master/screenshot_ssllabs.com.png)\n\n![Screenshot of SecurityHeaders.io](https://raw.githubusercontent.com/eustasy/bubbly/master/screenshot_securityheaders.io.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feustasy%2Fbubbly","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feustasy%2Fbubbly","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feustasy%2Fbubbly/lists"}