diff options
| author | Ellie Huxtable <ellie@atuin.sh> | 2026-01-22 16:12:12 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-01-22 16:12:12 -0800 |
| commit | 75bb1478fbb1c9cb6f25635023ea270f07259766 (patch) | |
| tree | 1d8d7c67a5734ac24bff3dea49e2ea0ccba4a5f6 /docs | |
| parent | fix: zsh import multiline issue (#2799) (diff) | |
| download | atuin-75bb1478fbb1c9cb6f25635023ea270f07259766.zip | |
chore(deps)!: update tls deps, remove built-in tls server support (#3091)
Update reqwest from 0.12 to 0.13 and remove the built-in TLS termination
from atuin-server. Users should use a reverse proxy (nginx, caddy,
traefik) for TLS/HTTPS support instead.
This removes:
- axum-server and rustls dependencies
- The [tls] configuration section
- The launch_with_tls function
Also updates metrics-exporter-prometheus from 0.17 to 0.18.
The reverse proxy approach is standard and provides better flexibility
for certificate management. I'd rather keep our server stack as minimal
as possible.
<!-- Thank you for making a PR! Bug fixes are always welcome, but if
you're adding a new feature or changing an existing one, we'd really
appreciate if you open an issue, post on the forum, or drop in on
Discord -->
## Checks
- [ ] I am happy for maintainers to push small adjustments to this PR,
to speed up the review cycle
- [ ] I have checked that there are no existing pull requests for the
same thing
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/docs/self-hosting/server-setup.md | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/docs/docs/self-hosting/server-setup.md b/docs/docs/self-hosting/server-setup.md index 942312fe..e983fa0b 100644 --- a/docs/docs/self-hosting/server-setup.md +++ b/docs/docs/self-hosting/server-setup.md @@ -56,11 +56,6 @@ You will need to map some sort of persistent volume for the /config directory an ### TLS -The server supports TLS through the `[tls]` section: +For TLS/HTTPS support, we recommend using a reverse proxy such as nginx, caddy, or traefik in front of the Atuin server. This is the standard approach for containerized applications and provides better flexibility for certificate management. -```toml -[tls] -enable = true -cert_path = "/path/to/letsencrypt/live/fully.qualified.domain/fullchain.pem" -pkey_path = "/path/to/letsencrypt/live/fully.qualified.domain/privkey.pem" -``` +> **Note:** The built-in `[tls]` configuration option has been removed. If you were previously using it, please migrate to a reverse proxy setup. Any existing `[tls]` sections in your config will be ignored. |