GithubHelp home page GithubHelp logo

Allow graceful TLS key rotation about galene HOT 6 CLOSED

jech avatar jech commented on June 27, 2024
Allow graceful TLS key rotation

from galene.

Comments (6)

athoune avatar athoune commented on June 27, 2024

GetCertificate method, for just in time certificate read will only be used for new connections. Websocket will keep the connection opened for a long time.

Why do you care about certificate reload? paid certifcate are valid for years.
If you choose to use LE, using a proxy like Traefik or Caddy (and sharing web with other applications) will be more simple.
Integrating lego lib in galene is more robust than cron+certbot+kill -HUP.

from galene.

tohojo avatar tohojo commented on June 27, 2024

from galene.

athoune avatar athoune commented on June 27, 2024

But if you're not sharing the IP with other applications, that just
means another service to configure...
You are using one IP per service ? ipv6 was done for you!

Using a complete HTTP server for handling multihosting, throtlling, bot ban … is just a standard. Few call it ingress.

Integrating lego lib in galene is more robust than cron+certbot+kill
-HUP.

Why would that be more robust?

that just means another service to configure, and a cron to miss.

from galene.

jech avatar jech commented on June 27, 2024

Galène is meant to work both behind a reverse proxy and directly exposed to the Internet. This is not open to discussion.

from galene.

athoune avatar athoune commented on June 27, 2024

Sure, the discussion was more about lego integration (inside) vs certbot integration (outside).

from galene.

jech avatar jech commented on June 27, 2024

Fixed in b1babf5.

from galene.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.