[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTPS for Hydra
|
From: |
Leo Famulari |
|
Subject: |
Re: HTTPS for Hydra |
|
Date: |
Thu, 4 Feb 2016 18:24:33 -0500 |
|
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Thu, Feb 04, 2016 at 11:56:52PM +0100, Roel Janssen wrote:
> Dear list,
>
> I would like to propose adding HTTPS support for hydra.gnu.org. The
> direct need to have this set up, is to allow the build status icons to
> load on the packages page of the Guix website.
>
> Fortunately, this should be possible without causing a lot of trouble
> because Hydra uses nginx as web server. Here's the nginx manual on
> adding support for SSL/TLS:
>
> http://nginx.org/en/docs/http/configuring_https_servers.html
>
> I'm not sure what the policy for SSL/TLS certificates is, but
> personally, I think a LetsEncrypt certificate would be fine:
>
> https://www.letsencrypt.org
>
> A short guide to get it up and running is here:
>
> https://adambard.com/blog/using-letsencrypt-with-nginx/
If we decide to use Let's Encrypt, I recommend using the "webroot" [0]
method instead of the method described in that link. The webroot method
does not require server downtime, while the method used in that link
does require you to stop the nginx server every couple months when you
renew the certificates.
>
> What do you think about adding SSL/TLS to Hydra? And is anyone with
> access to hydra.gnu.org willing to take the time to configure nginx and
> get a certificate?
>
> Kind regards,
> Roel
>
[0]
http://letsencrypt.readthedocs.org/en/latest/using.html#webroot
- HTTPS for Hydra, Roel Janssen, 2016/02/04
- Re: HTTPS for Hydra,
Leo Famulari <=