NGINX starts with an HTTP-only configuration per default. Once all tiny.iiif services are running on HTTP, you can obtain a free LetsEncrypt certificate to enable HTTPS.
-
Run the certbot script to simulate the certification issue process. Replace
your-domain.orgwith your actual domain.docker compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d your-domain.org
-
If successful, obtain the certificate.
docker compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d your-domain.org
-
Replace the default HTTP-only config with the HTTPS-enabled config file.
# Rename `default.conf` to `default.conf.http` mv default.conf default.conf.http # Make the included `default.conf.https` file the new `default.conf` mv default.conf.https default.conf
-
Edit the new default.conf file and replace all occurrences of
yourdomain.org(4x) with your domain name. -
Restart tiny.iiif.
docker compose down docker compose up
-
Verify HTTPS — open
https://your-domain.org/tinyin a browser and confirm that the tiny.iiif admin UI is accessible and protected via login.