If your site doesn’t support HTTPS, better hurry up. Google already uses HTTPS as a ranking factor, but from July 2018, Google Chrome will label non-HTTPS sites as not-secure. The following setup is so simple that there’s basically no excuse for your site to not be HTTPS compliant.
These instructions assume you’ve followed the mish-mash of a guide I posted for the starting setup.
First of all, head on over to letencrypt.org and find the certbot installation instructions relevant for your webhost. In my case, that’s nginx on Ubuntu 16.04.
Install certbot from the certbot ppa:
1$ sudo apt-get update
2$ sudo apt-get install software-properties-common
3$ sudo add-apt-repository ppa:certbot/certbot
4$ sudo apt-get update
5$ sudo apt-get install python-certbot-nginx
Then apply the nginx specific settings automatically:
1$ sudo certbot --nginx
All that remains is to modify you Hugo config to use HTTPS:
config.toml:
1baseURL = "https://mydomain.com/"
And don’t forget to update the url in your post-receive git hooks script:
1/usr/local/bin/hugo -s $WORKING_DIRECTORY -d $PUBLIC_WWW -b "https://${MY_DOMAIN}"
And that’s it! The certbot even adds a cron job to periodically renew the certificates.