Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic certificates from Let's Encrypt #142

Merged
merged 4 commits into from Aug 2, 2019
Merged

Automatic certificates from Let's Encrypt #142

merged 4 commits into from Aug 2, 2019

Conversation

thebaer
Copy link
Member

@thebaer thebaer commented Jul 21, 2019

This enables admins to run WriteFreely as a standalone server that automatically generates certificates, powered by Let's Encrypt (T542).

It adds a new config option under the [server] section: autocert. When set to true (and with non-empty tls_cert_path and tls_key_path values, plus port = 443), WriteFreely will serve the instance on port 443 and automatically generate a certificate for the configured host.

This also adds a new option during the interactive config process that allows the user to choose automatic certificate generation, in addition to the previous option of manually configuring the certificate location.

@thebaer
Support automatically generated certificates
36fb7ec 
This adds a new config option in the `[server]` section: `autocert`.
When true, WF will automatically generate certificates instead of using
ones from the provided cert path. However, all generated certificates
will be stored in the configured `tls_cert_path`.

Ref T542
@thebaer
Fix autocert HostPolicy
42386be 
Previously, this would pass in the instance's full (and invalid) URL.
Now it passes only the host name.

Ref T542
@thebaer
Fix autocert insecure server redirect
3346e73 
This fixes certificate validation, while keeping HTTP -> HTTPS
redirection.

Ref T542
@thebaer
Add option for automated cert in config process
1f7a0f0 
This adds a new "Secure (port 443), auto certificate" option to the "Web
server mode" prompt when running `writefreely --config`. When chosen,
it'll set `autocert` to `true` and set the path for certs and keys to
`certs`.

Ref T542
@thebaer thebaer added this to the 0.11 milestone Jul 21, 2019
@thebaer
Copy link
Member Author

thebaer commented Jul 29, 2019

This still needs documentation.

@thebaer thebaer mentioned this pull request Aug 2, 2019
Merged
@thebaer
Copy link
Member Author

thebaer commented Aug 2, 2019

Ideally we'll also explain how to do this in some kind of "setup" guide. But the basic docs are there, so merging now.

@thebaer thebaer merged commit 3321c75 into develop Aug 2, 2019
@thebaer thebaer deleted the autocert branch August 2, 2019 03:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
0.11
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@thebaer