~ancarda/tls-redirector

2.4 8 months ago .tar.gz browse log

2.4 - Nice looking HTML error pages

This release improves the end-user experience by introducing nicer looking HTML
error pages, rather than the one-line text that used to be output by
tls-redirector.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEElhL2x5LJ+0AuphrBpEC9XN5cofcFAl9VD1QACgkQpEC9XN5c
offoNxAAo3AAT9NMjDiIHQFXaHn/+7zoQy8wGWOqNj4ITAFjODX398mLCvSkKwNi
7NCXuIW1wA+CtGH0YL3pxoYBpnYFtWrf0J4IGynRT7EaGxYUIozE38lnQBEMP/8i
I3YA5qkzR/3o2o1K0YwteMrJls1T+2yY0bIYYxMtfx/HKVKOo8dqBZDqqUPVbk5M
tyQ/KfMViZRfSASSLp2nAiTGTqUTB4/OivbAW3xYU5MyDMKvOz8bROcgUWyhZuap
S6WE9et2rWjNLBthMoSIYCmn0AKGkrY/xU6fHv8mJeg11cwXNAXgD4tM65oZ3Xqt
V9fpa5tsJyqsNUcZziy8mtR5YxuxIuLsEzHffP74R8GslX+r9T2fiDHeyZot2oef
cGW5fnTSFeZ10HfYpJuZNa7J3rJNAwqLRO9ESyQnIU0LlbGhhNjqdvhOA8UX1lrG
7CHHc6b8oBkZOEjVvi9nWieS40s1Ge62Gf6TpO754QTozU/HS3SSOnve7bAUwXRd
gU8KLKM5Q9/LIEaMfwV3HPUZC70utZJ4O/veoThHY4N0f97wPnzwkUMr5kQOv1c8
3on/YZJteLVnOymcykkeb5pw0BW98izEm5NJswpiTXutNaOXU7BNScgBV1hUL75F
V5ZFv4rwWDGoqfH7QATLDXw4LCDWq/ixAH1NpAUg/cQ2mTSXf60=
=n2qw
-----END PGP SIGNATURE-----

2.3 8 months ago .tar.gz browse log

2.3 - Support bracketed port-less IPv6 addresses

This release slightly improves IPv6 support, allowing "[::1]" to be sent as the
Host header.

Usually, the Host header would be `::1` (port 80) or `[::1]:1234` (port 1234).
An IPv6 address wrapped in square brackets without a port number wasn't
supported until this release.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEElhL2x5LJ+0AuphrBpEC9XN5cofcFAl9NTf0ACgkQpEC9XN5c
offgmg/+NBFyty4qeNsRoh3QzrrMZ4UeNVIHI6IVkLec0rytoYu+U0aHdezKkwu4
YccP3nG9+RdICO2EtkqadeOQWkr3Dc4Xjnu48w9WHu+rwXxnKjFnON93kmHNhm8n
DcNlVIzHFtX3X+HMibseKmxzSuoxy8oDNGND5EDmjZsmWVtK3wnL8QYl200icv3Y
YnSZnSYT3eiGhZLTWc7rD0tDhlgO6A161kDGNBeXCjh2lGrx2QRonKK9T1wVM9+p
6zbrHyVkvpnUo1z4vdJog2d0AULpwDM1bAbGSEAB7XYn4BYpYhEqhI2dS4/IptNY
djC4uluXRmLFW+1KCa9v9M/enU8qkXR76EYx8GbjnQUMOR3rHLV/MqQkIMRhM3+s
LDJVKggT4neYfxsQl7V3ybRUfRNOMjP29lQIaPTEhd+uGrOHsNszpPyPZWhd8nn8
PJslPAvIv5G3EP4mzGYWv57NrMeV2y1mjCsuhHUMSeg/WXidPxgQLJH8Kh2dQaO/
l4e0iq3Mssx5Rj27BN2X2qU2emxBWNe5r960cQO+MfHwl+6/GPz5El+J1Dd778+b
UBvoq2eeVWsDplpWFX70ETYTyZXv84bzlQKkoCaoQI7WcFYL3ZhRmTYm+sI9qaOh
RqxlATeb84B/OueH0yGGQYK3lJyIMioDNE7pKXTx88ROK/VbCWU=
=rm3g
-----END PGP SIGNATURE-----

2.2 8 months ago .tar.gz browse log

2.2 - Ease of use, official Docker support

This release comes with two changes for end-users aimed at making this program
as user friendly as possible:

1) PORT is now optional, even when launched without socket activation. In 2.1,
   you'd get an error message to set the PORT environmental variable. Now,
   tls-redirector will default to port 80, since that is the most likely port
   it will listen on.

2) tls-redirector now supports the standard `--version' and `--help' CLI
   arguments.

-------------------------------------------------------------------------------

For deployment, this release comes with full Docker support. You can pull down
and run the pre-built container like so:

    docker pull ancarda/tls-redirector:2.2
    docker run --restart unless-stopped -p 80:80 -d ancarda/tls-redirector:2.2

Or build one yourself like so:

    git checkout 2.2
    docker build --tag tls-redirector:2.2 .
    docker run --restart unless-stopped -p 80:80 -d tls-redirector:2.2

If you wish to serve ACME HTTP challenges, then add the following to the run
command:

    --env ACME_CHALLENGE_DIR=/acme --volume /var/www/acme:/acme

That will mount `/var/www/acme' on the host.

For more informaton: https://docs.docker.com/engine/reference/commandline/run/
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEElhL2x5LJ+0AuphrBpEC9XN5cofcFAl9KYq8ACgkQpEC9XN5c
offX+Q//SwxpAxSDP9Nef1nxEWDFTGMZs6k62Wv0VW3QJxP3YrUQVK1+TCi/lvrL
UbWElHFZKuGBNZt232Eg+d3lE9qt4rpgSThMgcnksR1VJjfu10CWXV5WPQXchzYT
jwpDVNE9K1he6QCi9+60/+v41M3lErFfrY2goD90lu84usZW69o9P/rMKit9nG9/
w/ZMiVIkbfX8jEnJRGF0xKYLVJuyAO/vAYlI9pXY+WFiOr2el/yulFo5y7IljBPG
cyv401kaTf/JaU+osGOZnhbhXCuM69NodcipZd5kbpgzedGYvswwoIArk2R+7Hq6
Dc95CL7vsy0R2HEuMxpKIcJu6dkh/GdC1hu0qTtdO6peUb4+7lSBc0b/D5wkPfut
oJk7nV9zaGhmt4mywB/CVhSU75ob4p+4IDAakdbI5aVDlzP+O8gx3JMkV8oUF7pL
1rEezZzrbKSwKUqmmL7ZCFrBjEpRs5ADI2f7OJ8JH/tpPDjTez0LJU7s+un/cS+4
wsdxaIm+yZg4HogobiZb3EKpBkywE/duPVk76SXv7qszzxFUiKYQue7AWyObUSzQ
iNMZlL8Bmh7G96S51nYRwSwQ6SXnteasUMIqo3/Oxgv7l4hOphFrBBWGQVXN3w1c
1lN6gbexKWc5Hcq3meD9QuYXDQ6f4tqdgLGAywxn/6xx4qDAIew=
=tVkZ
-----END PGP SIGNATURE-----

2.1 10 months ago .tar.gz browse log

2.1 - Simpler PORT usage

This release makes tls-redirector no longer require `PORT=systemd'
when using socket activation. Instead, tls-redirector automatically
uses systemd sockets when PORT isn't specified.

Additionally, `github.com/coreos/go-systemd' is no longer a hard
dependency as tls-redirector may be compiled without systemd. Users
who want systemd should compile this way:

    go build -tags systemd

And users who do not can simply use `go build'. Refer to the README
for more information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABAgAGBQJe9efgAAoJEKRAvVzeXKH3l88P/RCV//87V5kSwBdJQfEtTan4
UlCDNvT5vSXZQH80EtGcF++R0DYVBY/o+MbteZocqUEEFtlTKnC7E7Mt+cmJWSyA
W4fHRGTyertj0AWvGOek/saAOMy0RWET+SuPNCUpF3n806IJ2f/YC6jyjSzzyk7/
F9HI64BquVB1JkAPolAqW5dfykfLeWrVgw02MBM5lU5z+5Lo3wluiG7rXPmYpvSh
FG9bXSv/20AoLBIn6oulG+nXYDtrTU/gXBzjHvlo4+IrlESjH17Bc8iND6+hdCBV
ZOR+8hfDtLTGchUmOFZ3pLZDuOmDRHebzKe1QaKZGPqGj2DxeFlw6m8KYYcB68IQ
loWAlW+ch/91T6/Jmn3vnoon/Lruwcw5OMaFSZiNGRLqbM2ZGNwhpidt34OLeyqt
WOC0CfNnsPDvO9ScRIFyIomPP47wX06+7LzFbYvcH54CB6VnzqLXZfF6DXfu4+mI
lAxIf6RQZADCMUhI7l80QV/mCr+ttZliNSdz5YgLE0Xax+dK0XpQXiH9MGFHkqBB
d4WSLhTdyhoGYHXAhHY1JMycvzxSoQUUWyU4uVtV+Xk17ObszTh/e8gDp7bqNtOW
RhTithlzb8cYvfWWZcPv+sglGkxrQre68CI/gXKVjPfE9OpCvAzTJcPeiSaMF6tc
dRlPFEim/cJ5q7ENoXQ6
=B955
-----END PGP SIGNATURE-----

2.0 10 months ago .tar.gz browse log

2.0 - systemd optional, EnvVars over CLI flags

Version 2.0 now allows you to run tls-redirector without using systemd
socket activation with the new PORT environmental variable.

Users of the -acme flag need to change their systemd service file to
use the new ACME_CHALLENGE_DIR variable.

These changes should make tls-redirector easier to use with Docker.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABAgAGBQJe79inAAoJEKRAvVzeXKH3AwYP/RSTaoH3d1DQi8y1fm/x1oIk
9EKWnRFx55LOH1AVpnX3DJZx2LhvUzBFDIeiIN/QUaUl4tChjJ/cXRxTFxQi1VHG
p2ioheZkoYqG2ZfO+3e4AzhrkawBopXmFBIogU7uBK76CXuLxIDrzZczRyuWpxuK
SD+ZnYQUYINcyc5IH0WZlNEt5fKSfdxjpQtHntRpskvsKY+eGA76J9l7wNbMzErB
wPC6s2XNa/Jwks/Gf2PVYwQ6uiYK6SwUzp1+BK5pt0OiSDE3OTNIyRiOcF/cUh1l
6/GzkJgkBZjgktMBINnPhtbM9BGdqSzPRD8PZOmm+92QcNNh6oVH7M2HYZOVuh16
3lMfbbrMVw4Xjy8U+Kc8JbNs7M8od0QPIlL8yGSF4MHpATTl44qYiYO2DLZHhsS+
TPehKcG8rozOS+ylnKGX6itUQoqQcFfG2IncXhLp16XQWlCMjTYqe1G1ZmENO/1m
fh7U6DdIFr5jTFNXgweCiajfuMG5CYYrBdMgmZ0LjHy42aIxNry545tun2t3pqUx
1xauPsmv3iRMGnmqavzT7Cq/+7q1CJSDUllJS1qj0bl767wlKatt+LI9OdsxKqTt
/kX5jVPYq6VHljeuujSucfXJgEzKp3hL0cIs381bxMS4uI6ZLbjLo0y8oGJosxh0
AUiXP7tteq+vu3lv3PdC
=BkkZ
-----END PGP SIGNATURE-----

1.1 2 years ago .tar.gz browse log

Serve ACME HTTP challenges (fix #1)

This commit introduces a new flag, acme (string) that serves plain text
files at .well-known/acme-challenge. This is intended to help TLS
deployments that depend on ACME's HTTP challenges. Most Let's Encrypt
users likely depend on this being available, even if they are committed
to being TLS only.

You're encouraged to use DNS challenges if possible so that serving up
files isn't required and you can disable all disk access by
tls-redirector.

1.0 2 years ago .tar.gz browse log

Initial commit of tls-redirector

This is a tiny HTTP server that redirects all incoming, valid traffic
to HTTPS.