well for the first step I assume that I've already done it (refer to the picture I posted above in the thread);
I'm pretty sure that ports 80 and 443 are allowed (used both ufw and iptables);
Nginx should be listening to port 80 and 443, I didn't touch the configuration after running
sudo openssl --nginx
I don't know what "SSL on" means.
I guess the "how do I do all of that" was just a request for explicit instructions in case I had done something incorrectly