It's been Caddy, as at that time only she offered no fuss automatic Let's Encrypt certs. I see now camlistored supports it, too. I've transformed my config to: Caddy listens on https://camli.gthomas.eu, forwards the connection to https://127.0.0.1:3179, where camlistored listens.
But I get PUBLISHER: 2016/05/27 20:51:26 Starting publisher version 2016-05-23-8d4f18e; Go go1.6.2 (linux/amd64) PUBLISHER: 2016/05/27 20:51:26 Starting to listen on https://127.0.0.1:33699 2016/05/27 20:51:26 Available on https://camli.gthomas.eu/ui/ 2016/05/27 20:51:26 http: TLS handshake error from 127.0.0.1:50550: EOF 2016/05/27 20:51:30 http: proxy error: x509: certificate signed by unknown authority 2016/05/27 20:51:30 http: TLS handshake error from 127.0.0.1:50556: remote error: bad certificate even with 6646/2. What kind of config works? Mathieu Lonjaret <[email protected]> ezt írta (időpont: 2016. máj. 27., P, 15:47): > I've been making changes so that the app should work by itself (i.e. > when getting requests directly, not proxied through camlistored), but > let's stay with the usual case for now, i.e. camlistored gets the > requests and its app handler proxies them to the publisher. So yes, > let's keep your Caddy proxying as it is. > > Next question: if Caddy is listening on TLS, why aren't you doing the > same thing for camlistored? Why do you want unencrypted traffic > between Caddy and Camlistore? > > On 27 May 2016 at 15:30, Gulácsi Tamás <[email protected]> wrote: > > Yes. > > Caddy is listening on 0.0.0.0:443, forwarding anything for > > https://camli.gthomas.eu:443/ to http://localhost:3179. > > So Camlistored is listening on http://127.0.0.1:3179. > > > > I can make Caddy proxy https://camli.gthomas.eu/pics/ to somewhere > else, but > > now it goes to camlistored, without modification. > > > > Mathieu Lonjaret <[email protected]> ezt írta (időpont: 2016. > máj. > > 27., P, 15:09): > >> > >> Alright, so let's discuss your setup so I can try to reproduce it > please. > >> > >> Is Caddy the software facing the outside world? And it is listening on > >> https://camli.gthomas.eu:443 ? > >> And do I understand correctly that the end goal for you is to have the > >> publisher displayed when someone hits https://camli.gthomas.eu/pics/ ? > >> How do you make Caddy proxy the relevant requests to your Camlistore > >> instance? > >> > >> > >> On 25 May 2016 at 01:46, Mathieu Lonjaret <[email protected]> > >> wrote: > >> > Hey Tamás, > >> > > >> > Could you please let me know if > >> > https://camlistore-review.googlesource.com/6646 makes it easier for > >> > you to run the publisher with your setup? > >> > Note that in the high-level config for the publisher, baseURL is now > >> > backendURL, and that you can now specify "listen" too. > >> > > >> > thanks, > >> > Mathieu > >> > > >> > > >> > On 13 May 2016 at 13:21, Gulácsi Tamás <[email protected]> wrote: > >> >> Thanks! > >> >> Changed. > >> >> > >> >> Adrian Tritschler <[email protected]> ezt írta (időpont: > >> >> 2016. > >> >> máj. 13., P, 13:15): > >> >>> > >> >>> I'm not sure if you intended it, but you've posted the URL, login > and > >> >>> password of your camlistore. You may wish to change the password. > >> >>> > >> >>> Adrian > >> >>> > >> >>> > >> >>> On Monday, 9 May 2016 15:12:50 UTC+10, Tamás Gulácsi wrote: > >> >>>> > >> >>>> This is what I got in camlistored log for > >> >>>> > >> >>>> gthomas@tequila:~$ cat .config/camlistore/server-config.json > >> >>>> { > >> >>>> "listen": "0.0.0.0:3179", > >> >>>> "baseURL": "https://camli.gthomas.eu";, > >> >>>> "shareHandler": true, > >> >>>> "https": false, > >> >>>> "httpsCert": > >> >>>> "/home/gthomas/.config/camlistore/camli.gthomas.eu.crt", > >> >>>> "httpsKey": > >> >>>> "/home/gthomas/.config/camlistore/camli.gthomas.eu.key", > >> >>>> "auth": "userpass:gthomas:majdhafagy:+localhost", > >> >>>> "identity": "974EA38B", > >> >>>> "identitySecretRing": > >> >>>> "/home/gthomas/.config/camlistore/identity-secring.gpg", > >> >>>> "levelDB": "/home/gthomas/var/camlistore/camli-index.leveldb", > >> >>>> "blobPath": "/home/gthomas/var/camlistore/packs", > >> >>>> "packBlobs": true, > >> >>>> "runIndex": true, > >> >>>> "copyIndexToMemory": true, > >> >>>> "mysql": "", > >> >>>> "mongo": "", > >> >>>> "postgres": "", > >> >>>> "sqlite": "", > >> >>>> "s3": "", > >> >>>> "replicateTo": [], > >> >>>> "publish": { > >> >>>> "/pics/": { > >> >>>> "camliRoot": "pics", > >> >>>> "cacheRoot": > >> >>>> "/home/gthomas/var/camlistore/blobs/cache", > >> >>>> "goTemplate": "gallery.html" > >> >>>> } > >> >>>> } > >> >>>> } > >> >>>> > >> >>>> gthomas@tequila:~$ camget > >> >>>> sha1-de682600ddf64620b322971c94e7911bebe4865b > >> >>>> {"camliVersion": 1, > >> >>>> "camliSigner": "sha1-01c5e458c48552abac802d4f8b52b093efbb2caa", > >> >>>> "camliType": "permanode", > >> >>>> "key": "pics" > >> >>>> > >> >>>> > >> >>>> > ,"camliSig":"wsBcBAABCAAQBQJXE4QgCRAdaMP0l06jiwAAG0gIAIZlrpoWvCFnjptlprCE2QnlTma+R63G/2PLKlY5oZPC7p/yBQp+6ESBN5le3ohhDvp1TMWcuq1bFDushTYqdqparu6ZFGgf0NKKXaO47PYbPdDDUJcuZQ3dsCWguXcbT0Vaik297sQirakGUZ+TRisveqiWdswAx3OYFq1YpxQG542uF70RK6lHPO3si4mf5l30A6KNNc28W0/lHfSHteKNZxn1sFXw2nbRPF6JdXXq8YXXt28mOetcqXj9XhBfZbP0zrMEZ2NPOljIzaUSGCmAb2Xu/oTix5w7j/Zg7C+dBJ9JElXGfmYoTZcMpjw4UqS6CGhdjHVcgB6nX5elKJE==4waQ"} > >> >>>> > >> >>>> I get same error if I change the "camliRoot" to > >> >>>> "sha1-de682600ddf64620b322971c94e7911bebe4865b", so now I don't > know > >> >>>> what to > >> >>>> do. > >> >>>> > >> >>>> > >> >>>> What kind of permanode does publish need for its root? > >> >>>> Why is that "mypics" (the key) in the example config? > >> >>>> Why doesn't this work? > >> >>>> > >> >>>> Thanks, > >> >>>> Tamás Gulácsi > >> >>>> > >> >>> -- > >> >>> You received this message because you are subscribed to a topic in > the > >> >>> Google Groups "Camlistore" group. > >> >>> To unsubscribe from this topic, visit > >> >>> > https://groups.google.com/d/topic/camlistore/bQlWEjy0i7o/unsubscribe. > >> >>> To unsubscribe from this group and all its topics, send an email to > >> >>> [email protected]. > >> >>> For more options, visit https://groups.google.com/d/optout. > >> >> > >> >> -- > >> >> You received this message because you are subscribed to the Google > >> >> Groups > >> >> "Camlistore" group. > >> >> To unsubscribe from this group and stop receiving emails from it, > send > >> >> an > >> >> email to [email protected]. > >> >> For more options, visit https://groups.google.com/d/optout. > >> > >> -- > >> You received this message because you are subscribed to a topic in the > >> Google Groups "Camlistore" group. > >> To unsubscribe from this topic, visit > >> https://groups.google.com/d/topic/camlistore/bQlWEjy0i7o/unsubscribe. > >> To unsubscribe from this group and all its topics, send an email to > >> [email protected]. > >> For more options, visit https://groups.google.com/d/optout. > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Camlistore" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Camlistore" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/camlistore/bQlWEjy0i7o/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Camlistore" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
