Skip to content
Permalink
Browse files

chore(*) release version 0.2.0

  • Loading branch information...
fffonion committed Oct 23, 2019
1 parent ce89b76 commit 9e36bf1e0c531641f21047b0a890fe02021221ac
Showing with 44 additions and 12 deletions.
  1. +40 −8 README.md
  2. +1 −1 dist.ini
  3. +1 −1 lib/resty/acme/client.lua
  4. +2 −2 lua-resty-acme-0.1.3-0.rockspec → lua-resty-acme-0.2.0-1.rockspec
@@ -122,15 +122,14 @@ many requests that hits [rate limiting](https://letsencrypt.org/docs/rate-limits

By default `autossl` only creates RSA certificates. To use ECC certificates or both, uncomment
`domain_key_types = { 'rsa', 'ecc' }`. Note that multiple certificate
chain is only supported by OpenSSL 1.1 and later, check the OpenSSL version your OpenResty
installation is using by runing `openresty -V` first.
chain is only supported by NGINX 1.11.0 or later.

A certificate will be *queued* to create after Nginx seen request with such SNI, which might
take tens of seconds to finish. During the meantime, requests with such SNI are responsed
with the fallback certificate.

Note that `domain_whitelist` must be set to include your domain that you wish to server autossl, to
prevent potential abusing using fake SNI in SSL handshake.
prevent potential abuse using fake SNI in SSL handshake.
```lua
domain_whitelist = { "domain1.com", "domain2.com", "domain3.com" },
```
@@ -234,7 +233,9 @@ See also [Storage Adapters](#storage-adapters) below.

Storage adapters are used in `autossl` or acme `client` to storage temporary or
persistent data. Depending on the deployment environment, there're currently
three storage adapters available to select from.
five storage adapters available to select from. To implement a custom storage
adapter, please refer to
[this doc](https://github.com/fffonion/lua-resty-acme/blob/master/lib/resty/acme/storage/README.md).

### file

@@ -267,22 +268,53 @@ storage_config = {
host = '127.0.0.1',
port = 6379,
database = 0,
-- Redis authentication key
auth = nil,
}
```

### vault

Hashicorp [Vault](https://www.vaultproject.io/) based storage.
Hashicorp [Vault](https://www.vaultproject.io/) based storage. The default config is:


```lua
storage_config = {
host = '127.0.0.1',
port = 8200,
-- secrets kv prefix path
kv_path = "acme",
-- Vault token
token = nil,
-- timeout in ms
timeout = 2000,
}
```

### consul

Hashicorp [Consul](https://www.consul.io/) based storage. The default config is:


```lua
storage_config = {
host = '127.0.0.1',
port = 8500,
-- kv prefix path
kv_path = "acme",
-- Consul ACL token
token = nil,
-- timeout in ms
timeout = 2000,
}
```


TODO
====
- autossl: ocsp staping
- storage: vault backend
- storage: implement ttl?
- ci: test storage
- openssl: add check for pkey has privkey
- openssl: add check for self.ctx classmethod call

[Back to TOC](#table-of-contents)

@@ -7,5 +7,5 @@ lib_dir = lib
doc_dir = lib
repo_link = https://github.com/fffonion/lua-resty-acme
main_module = lib/resty/acme/client.lua
requires = luajit, openresty/lua-resty-lrucache >= 0.08, pintsized/lua-resty-http >= 0.12, fffonion/lua-resty-worker-events >= 0.3.3, fffonion/lua-resty-openssl >= 0.1.0
requires = luajit, openresty/lua-resty-lrucache >= 0.08, pintsized/lua-resty-http >= 0.12, fffonion/lua-resty-worker-events >= 0.3.3, fffonion/lua-resty-openssl >= 0.2.1
exclude_files=*.rock, *.rockspec
@@ -11,7 +11,7 @@ local ngx_INFO = ngx.INFO
local ngx_DEBUG = ngx.DEBUG

local _M = {
_VERSION = '0.1.4'
_VERSION = '0.2.0'
}
local mt = {__index = _M}

@@ -1,5 +1,5 @@
package = "lua-resty-acme"
version = "0.1.3-0"
version = "0.2.0-1"
source = {
url = "git+https://github.com/fffonion/lua-resty-acme.git"
}
@@ -34,5 +34,5 @@ dependencies = {
"lua-resty-http >= 0.15-0",
"lua-resty-worker-events >= 1.0.0-1",
"lua-resty-lrucache >= 0.09-2",
"lua-resty-openssl >= 0.1.0-1",
"lua-resty-openssl >= 0.2.1-1",
}

0 comments on commit 9e36bf1

Please sign in to comment.
You can’t perform that action at this time.