diff options
| author | Eric Hodel <drbrain@segment7.net> | 2023-12-27 06:15:48 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-27 14:15:48 +0000 |
| commit | d52e57612942cbe0c6a0dd774fcc2caac8f439d5 (patch) | |
| tree | 6abc226ffa71156b0ac747529e7effaa21c75c15 /docs | |
| parent | feat: add semver checking to client requests (#1456) (diff) | |
| download | atuin-d52e57612942cbe0c6a0dd774fcc2caac8f439d5.zip | |
feat: Add TLS to atuin-server (#1457)
* Add TLS to atuin-server
atuin as a project already includes most of the dependencies necessary
for server-side TLS. This allows `atuin server start` to use a TLS
certificate when self-hosting in order to avoid the complication of
wrapping it in a TLS-aware proxy server.
Configuration is handled similar to the metrics server with its own
struct and currently accepts only the private key and certificate file
paths.
Starting a TLS server and a TCP server are divergent because the tests
need to bind to an arbitrary port to avoid collisions across tests. The
API to accomplish this for a TLS server is much more verbose.
* Fix clippy, fmt
* Add TLS section to self-hosting
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/docs/self-hosting/self-hosting.md | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/docs/self-hosting/self-hosting.md b/docs/docs/self-hosting/self-hosting.md index 8379f43f..621b00f3 100644 --- a/docs/docs/self-hosting/self-hosting.md +++ b/docs/docs/self-hosting/self-hosting.md @@ -39,3 +39,14 @@ ATUIN_DB_URI="postgres://user:password@hostname/database" | `db_uri` | A valid PostgreSQL URI, for saving history (default: false) | | `path` | A path to prepend to all routes of the server (default: false) | +### TLS + +The server supports TLS through the `[tls]` section: + +```toml +[tls] +enabled = true +cert_path = "/path/to/letsencrypt/live/fully.qualified.domain/fullchain.pem" +pkey_path = "/path/to/letsencrypt/live/fully.qualified.domain/privkey.pem" +``` + |