mirror of
https://github.com/urbit/shrub.git
synced 2024-12-19 00:13:12 +03:00
27349c51ab
if a cert is configured and a secure port is live it will set the redirect flag in http-config.state. When it gets a ++request it will return a 301 redirect to https://[host]/[path] if: 1. not already secure 2. redirect flag set 3. secure port live 4. is not requesting /.well-known/acme-challenge/... 5. the host is in domains.state It will not happen if forwarded-secured, localhost, local loopback, ip addresses or domains not in domains.state. in ++load it checks the secure port is live and a cert is set and enables it if so (for people who already use in-urbit letencrypt) %rule %cert tasks also toggle it (only turning it on if secure port live) %live tasks also toggle it (only turning it on if cert set) Have tested with a couple of ships and seems to work fine. This is useful in combination with pyry's auto arvo.network dns config system - can finally get rid of reverse proxies entirely. |
||
|---|---|---|
| .. | ||
| vane | ||
| arvo.hoon | ||
| hoon.hoon | ||
| lull.hoon | ||
| zuse.hoon | ||