Go to file
2021-12-05 22:12:48 +01:00
debug-stepper gofmt -s -w *.go */*.go 2021-11-25 16:12:28 +01:00
haproxy-sni Add screenshot of the SNI test script 2021-06-06 12:42:46 +02:00
.gitignore ignore vendor/ folder 2021-11-25 16:19:04 +01:00
404.html Completely refactor certificates and implement renewal & cleanup 2021-11-20 15:30:58 +01:00
certificates.go Run gofmt 2021-12-01 22:59:52 +01:00
domains.go Switch GiteaApiToken from byte to string 2021-11-26 17:10:31 +01:00
go.mod Update everything & add Justfile 2021-11-20 15:31:10 +01:00
go.sum Update everything & add Justfile 2021-11-20 15:31:10 +01:00
handler_test.go gofmt -s -w *.go */*.go 2021-11-25 16:12:28 +01:00
handler.go Hotfix for #27: avoid slash before .html in GitHub compatibility redirects 2021-12-05 22:12:48 +01:00
helpers.go (Ab)use CSR field to store try-again date for renewals (instead of showing a mock cert), must be tested when the first renewals are due 2021-12-01 22:49:48 +01:00
Justfile Add build script & ignore files 2021-11-20 21:43:12 +01:00
LICENSE Release under EUPL v. 1.2 2021-03-17 01:21:50 +01:00
main.go Remove REDIRECT_BROKEN_DNS page and instead use "Failed Dependency" error 2021-12-01 22:59:38 +01:00
README.md Remove REDIRECT_BROKEN_DNS page and instead use "Failed Dependency" error 2021-12-01 22:59:38 +01:00

Environment

  • HOST & PORT (default: [::] & 443): listen address.
  • PAGES_DOMAIN (default: codeberg.page): main domain for pages.
  • RAW_DOMAIN (default: raw.codeberg.org): domain for raw resources.
  • GITEA_ROOT (default: https://codeberg.org): root of the upstream Gitea instance.
  • GITEA_API_TOKEN (default: empty): API token for the Gitea instance to access non-public (e.g. limited) repos.
  • REDIRECT_RAW_INFO (default: https://docs.codeberg.org/pages/raw-content/): info page for raw resources, shown if no resource is provided.
  • ACME_API (default: https://acme-v02.api.letsencrypt.org/directory): set this to https://acme.mock.director to use invalid certificates without any verification (great for debugging).
    ZeroSSL might be better in the future as it doesn't have rate limits and doesn't clash with the official Codeberg certificates (which are using Let's Encrypt), but I couldn't get it to work yet.
  • ACME_EMAIL (default: noreply@example.email): Set this to "true" to accept the Terms of Service of your ACME provider.
  • ACME_EAB_KID & ACME_EAB_HMAC (default: don't use EAB): EAB credentials, for example for ZeroSSL.
  • ACME_ACCEPT_TERMS (default: use self-signed certificate): Set this to "true" to accept the Terms of Service of your ACME provider.
  • ACME_USE_RATE_LIMITS (default: true): Set this to false to disable rate limits, e.g. with ZeroSSL.
  • ENABLE_HTTP_SERVER (default: false): Set this to true to enable the HTTP-01 challenge and redirect all other HTTP requests to HTTPS. Currently only works with port 80.
  • DNS_PROVIDER (default: use self-signed certificate): Code of the ACME DNS provider for the main domain wildcard.
    See https://go-acme.github.io/lego/dns/ for available values & additional environment variables.