From e199b999473d82a1b5e06d84415c228451d8425e Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Thu, 18 Jul 2024 19:42:05 +0200 Subject: [PATCH 1/2] fix gpg basics ref --- data/gpg/basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/gpg/basics.md b/data/gpg/basics.md index 4e5db11..2185055 100644 --- a/data/gpg/basics.md +++ b/data/gpg/basics.md @@ -124,7 +124,7 @@ Refreshing keys will tell you if some key you have contains a signature from som gpg --refresh-keys ``` -You can use the [crontab](../basics/cron.md) to refresh keys. +You can use the [crontab](../../basics/cron.md) to refresh keys. # Export From 47961779d52f01b0d8ac586a735f9044ba0cc479 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Fri, 19 Jul 2024 21:04:23 +0200 Subject: [PATCH 2/2] note soft-serve through https --- data/soft_https.md | 69 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 data/soft_https.md diff --git a/data/soft_https.md b/data/soft_https.md new file mode 100644 index 0000000..4122f42 --- /dev/null +++ b/data/soft_https.md @@ -0,0 +1,69 @@ +--- +title: "Soft Serve through https" +tags: [ "data", "git" ] +--- + +## `http` Setup + +In this example, the port used is `23231`, but it can be anything. +Open `/var/lib/soft-serve/data/config.yaml` and make sure the `http` section looks like this: + +``` +# The HTTP server configuration. +http: + # The address on which the HTTP server will listen. + listen_addr: ":23232" + + # The path to the TLS private key. + tls_key_path: "" + + # The path to the TLS certificate. + tls_cert_path: "" + + # The public URL of the HTTP server. + # This is the address that will be used to clone repositories. + # Make sure to use https:// if you are using TLS. + public_url: "http://localhost:23232" + +``` + +Restart the `soft-serve` service, then check it's working by cloning from localhost: + +```bash +git clone http://localhost:23232/${some_repo}.git +``` + +## `https` Setup + +Put this file at `/etc/nginx/sites-enabled/$DOMAIN.tld`, then set up standard certificates with [nginx](../networking/website/nginx.md). + +(replace `${DOMAIN_NAME}` with your domain's name). + +``` + server { + listen 80; + server_name ${DOMAIN_NAME}; + + location / { + proxy_pass http://localhost:23232; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + return 301 https://$server_name$request_uri; +} + + server { + listen 443 ssl; + server_name ${DOMAIN_NAME}; + + location / { + proxy_pass http://localhost:23232; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} + +```