To do this, you basically need to redeploy your existing site (not: create a new site) while telling UBOS what TLS keys and certs it is supposed to use.
Now, TLS needs an actual hostname (not any='*' as we do in UBOS for the "respond to any virtual host" site that you have deployed) inside the cert. So this will work better if you access your site with a consistent DNS name, even if it isn't an "official" one and only resolves on your local area network. If you have the ability to set that up on your local area network, that would be the recommended way to do this. Some router allow you to "pin" a DHCP dynamic IP address to a particular Mac address.
Let's say you decide on hostname "ubosbox.example.com" and you have set of your networks' DNS and DHCP so that your existing site comes up at that hostname. Now on the UBOS end, the Site JSON
to be deployed needs to have two changes compared to the existing one:
- the hostname needs to change from "*" to "ubosbox.example.com"
- the TLS keys and certificate need to be added
To see your existing Site JSON, execute:
Code: Select all
sudo ubos-admin showsite --json --hostname '*'
Note that UBOS determines the identity of the site, and the app(s) deployed at it by the long identifiers in that file, not the hostname. So you can update the site by redeploying, as long as the identifiers remain the same.
Write that to a file, edit the hostname field, generate self-signed keys and insert them as documented here
. Then redeploy the site with the updated Site JSON with:
Code: Select all
sudo ubos-admin deploy --file <your-modified-site-json-file>
Now if that sounds complicated
, here's a way to cheat:
- export your existing Site JSON with "ubos-admin showsite" as above
- create a new Site JSON without deploying it, as you did with "ubos-admin createsite" but add the flags "-n -o <file>". UBOS won't let you deploy a conflicting site, as you found out, but you can create any Site JSON with the command as long as you don't deploy it (-n).
- copy-paste the TLS entries, and hostname from the second file into the first
- deploy the updated file.
This is still complicated, I'm afraid, and we have had this feature request
open for a long time, but that's because there are so many variations of what one might want to do to an existing site, it is not obvious that creating a command with a gazillion different ways of invoking it is any simpler than editing the JSON file directly...
P.S. Make a backup of your existing site first, of course.