Thelounge: Automatically renew/generate LetsEncrypt certificates

Created on 4 May 2017 · 4Comments · Source: thelounge/thelounge

Pretty sure this is possible, unsure if it's a good idea. Should have a config option to renew certificate, and if one doesn't exist, generate it. (One option only, should check if it exists on startup or something and act accordingly)

Won't Fix Feature Security

Source

MaxLeiter

Most helpful comment

I'm not sure we should. It's this constant discussion of whether we should have an app that can be used fully without using any extra tools. We have discussed many different things (reverse proxy, etc) that we agreed shouldn't be in our app. I think this is the same. People can bring in their SSL certificates from anywhere. We can recommend letsencrypt, but I don't think we should do that ourselves. Especially as letsencrypt requires root as it binds to port 80, and we definitely don't want to be requiring people to run as root.

McInkay on 4 May 2017

👍3

All 4 comments

McInkay on 4 May 2017

👍3

I think there's a jump between shipping a reverse proxy and generating SSL certs, but I agree regarding root. However, there are methods of using LE w/o root , but I can't find any javascript-related solutions.

MaxLeiter on 4 May 2017

This is something people can easly do themself trough https://certbot.eff.org and I don't think TheLounge should do it. There's also a million other ways of doing SSL.

fnutt on 4 May 2017

🚀1 👍1

Closing as this isn't something we should do. If there needs to exist a JS solution, then someone can make it, but the lounge is not the place for that.

McInkay on 30 Jun 2017

Was this page helpful?

0 / 5 - 0 ratings