Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Automatic certificates from Let's Encrypt #142

Merged
merged 4 commits into from Aug 2, 2019

Conversation

@thebaer
Copy link
Member

commented Jul 21, 2019

This enables admins to run WriteFreely as a standalone server that automatically generates certificates, powered by Let's Encrypt (T542).

It adds a new config option under the [server] section: autocert. When set to true (and with non-empty tls_cert_path and tls_key_path values, plus port = 443), WriteFreely will serve the instance on port 443 and automatically generate a certificate for the configured host.

This also adds a new option during the interactive config process that allows the user to choose automatic certificate generation, in addition to the previous option of manually configuring the certificate location.

thebaer added some commits Jul 21, 2019

Support automatically generated certificates
This adds a new config option in the `[server]` section: `autocert`.
When true, WF will automatically generate certificates instead of using
ones from the provided cert path. However, all generated certificates
will be stored in the configured `tls_cert_path`.

Ref T542
Fix autocert HostPolicy
Previously, this would pass in the instance's full (and invalid) URL.
Now it passes only the host name.

Ref T542
Fix autocert insecure server redirect
This fixes certificate validation, while keeping HTTP -> HTTPS
redirection.

Ref T542
Add option for automated cert in config process
This adds a new "Secure (port 443), auto certificate" option to the "Web
server mode" prompt when running `writefreely --config`. When chosen,
it'll set `autocert` to `true` and set the path for certs and keys to
`certs`.

Ref T542

@thebaer thebaer added this to the 0.11 milestone Jul 21, 2019

@thebaer

This comment has been minimized.

Copy link
Member Author

commented Jul 29, 2019

This still needs documentation.

@thebaer

This comment has been minimized.

Copy link
Member Author

commented Aug 2, 2019

Ideally we'll also explain how to do this in some kind of "setup" guide. But the basic docs are there, so merging now.

@thebaer thebaer merged commit 3321c75 into develop Aug 2, 2019

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@thebaer thebaer deleted the autocert branch Aug 2, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.