update ssl documentation

docs/setup.md

@@ -14,15 +14,15 @@ Our system currently runs on:
 
 ## Operating System
 
-The server should run on a Linux/Unix. We recommend [Ubuntu](https://ubuntu.com/) (22.04 LTS).
-[//]: # (We also tested Windows 10 and 11 but ran into issues with HTTPS certificates and nginx.)
+The server should run on a Linux/Unix. We recommend the current [Ubuntu LTS](https://ubuntu.com/).
+We tested this setup on Ubuntu 20/22 LTS and Windows 10/11.
 If your installation is fresh, you may need to install some basic packages like git:
 ```bash
 sudo apt-get update
 sudo apt-get install git
 ```
 
-Your current user must have sudo rights and .
+Your current user must have sudo rights.
 
 
 ## CUDA and GPU Driver
@@ -131,15 +131,15 @@ BACKEND_LOG=backend_log
 ```
 
 
-### SSL [WIP]
+### SSL
 
-You can skip these steps but browsers will warn about unsecure connection, at least.
+You can skip these steps but browsers will warn about unsecure connection, or even block it.
 NGINX won't start if the certificate is missing or invalid. In order to start in HTTP mode, 
 you need open `web/nginx.conf`, replace the HTTP locations with the SSL locations and comment out the whole SSL block.
 Now, you should be able to connect to the server via HTTP, at least with Google Chrome (in incognito mode).
 
 You can manually create a certificate by following the instructions on https://www.sslforfree.com/. 
-In the near future, an automated solution using Certbot (https://certbot.eff.org/) is going to be realized.
+Or you can automate it with Certbot (https://certbot.eff.org/). For this, you need to create a Cron job and a script that triggers a docker image. See [SSL Automation](setup_ssl.md) for more information.
 
 
 ### Running the System

docs/setup_ssl.md

@@ -0,0 +1,53 @@
+# SSL Automation
+
+Cron job:
+```bash
+crontab -l  # check if there is anything already
+sudo nano /etc/crontab  # edit
+```
+
+Example crontab:
+```bash
+# Edit this file to introduce tasks to be run by cron.
+#
+# Each task to run has to be defined through a single line
+# indicating with different fields when the task will be run
+# and what command to run for the task
+#
+# To define the time you can provide concrete values for
+# minute (m), hour (h), day of month (dom), month (mon),
+# and day of week (dow) or use '*' in these fields (for 'any').
+#
+# Notice that tasks will be started based on the cron's system
+# daemon's notion of time and timezones.
+#
+# Output of the crontab jobs (including errors) is sent through
+# email to the user the crontab file belongs to (unless redirected).
+#
+# For example, you can run a backup of all your user accounts
+# at 5 a.m every week with:
+# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
+#
+# For more information see the manual pages of crontab(5) and cron(8)
+#
+# m h  dom mon dow   command
+0 0 * * * /home/netidee-server/Server/renew-certs.sh > /dev/null 2>&1
+```
+
+renew-cert.sh:
+```bash
+#!/usr/bin/bash
+. /home/netidee-server/Server/vars
+cd /home/netidee-server/Server
+cd ./$REPO_NAME
+docker compose run --rm certbot renew  # run certbot
+docker exec repo-client_deployed_dev-1 nginx -s reload  # restart nginx to use new certificate
+```
+
+Server/vars:
+```bash
+REPO_NAME="Repo"
+NAME_OF_PUB_BRANCH="main"
+USER_ID="github-username"
+USER_PW="github-password"
+```