Roots Discourse

Reprovisioning live site - SSL letsencrypt doubts

letsencrypt

#1

it will be my first time that I will deal with SSL.

I already have the production site live on Digital Ocean with Trellis, bedrock and Sage, I went live without the ssl enabled.
I have this setting:

ssl:
enabled: false
provider: letsencrypt

Now i would like to update the live site from non-SSL to SSL

Reading the documentation, it seems that the only things that I have to do are:

  1. in the group_vars/production/wordpress_sites update the value to enabled: true
  2. have a valid and working DNS records (the website is already live)
  3. reprovisioning the server with ansible-playbook server.yml -e env=<environment> --tags letsencrypt

are these steps correct?

my doubts are:

  1. if for some reason the reprovisioning will have some errors, it will stop the provision of the server (and keep the site live) or it is possible that the website can go down?

  2. the records @ and www type A are ok dns settings to active the ssl or I need to create a specific record for this scope?

  3. what are the best practices to avoid downtime with a live website?

  4. have I manually update some settings in the wp admin?

Thanks in advance!


#2

Those steps are correct. In regards to your doubts:

  1. “Re-provisioning is always assumed to be a safe operation.”
  2. You don’t need to make new DNS records when adding SSL.
  3. Keep using Trellis — there’s zero downtime when you provision or deploy a site.
  4. I don’t understand this question, but for whatever you meant to ask, I think the answer is no.

#3

thanks for your reply, just to clarify “Re-provisioning is always assumed to be a safe operation” and “using Trellis — there’s zero downtime” means that I can Re-provisioning the server a lot of times but the website will be always live?
i can’t fuck it up the live site if i re-provisioning the server? :heart_eyes: