OpenI
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
8420 Commits
197 Branches
392 MB
3453 Download
Tree: 8ff3d5cc35
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8ff3d5cc35'
${ noResults }
aiforge/docs/content/doc/usage/https-support.md

https-support.md 2.9 kB
Raw Normal View History

Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Fix headline (#6353)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Copyedit docs (#6275)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Doc recommend to use reverse proxy if Apache/nginx is also running on… (#8384) * Doc recommend to use reverse proxy if Apache/nginx is also running on server * Update docs/content/doc/usage/https-support.md Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>
5 years ago
Copyedit docs (#6275)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Cleanup https support code snippet (#8370)
5 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Cleanup https support code snippet (#8370)
5 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Documentation: Clarity for HTTPS setups (#5626) [https-setup] - Made it clearer that HTTP redirection is possible [config-cheat-sheet] - Clarified the behavihour of the redirection-related config keys
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Copyedit docs (#6275)
6 years ago
Documentation: Clarity for HTTPS setups (#5626) [https-setup] - Made it clearer that HTTP redirection is possible [config-cheat-sheet] - Clarified the behavihour of the redirection-related config keys
6 years ago
add letsencrypt to Gitea (#4189)
6 years ago
Copyedit docs (#6275)
6 years ago
add letsencrypt to Gitea (#4189)
6 years ago
Copyedit docs (#6275)
6 years ago
add letsencrypt to Gitea (#4189)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Copyedit docs (#6275)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Fix link in HTTPS doc (#4135)
7 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
Copyedit docs (#6275)
6 years ago
Add how-to for enabling HTTPS (#4101) Signed-off-by: Jonas Franz <info@jonasfranz.de>
7 years ago
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. ---

  2. date: "2018-06-02T11:00:00+02:00"

  3. title: "Usage: HTTPS setup"

  4. slug: "https-setup"

  5. weight: 12

  6. toc: true

  7. draft: false

  8. menu:

  9.   sidebar:

  10.     parent: "usage"

  11.     name: "HTTPS setup"

  12.     weight: 12

  13.     identifier: "https-setup"

  14. ---

  15. 

  16. # HTTPS setup to encrypt connections to Gitea

  17. 

  18. ## Using the built-in server

  19. 

  20. Before you enable HTTPS, make sure that you have valid SSL/TLS certificates.

  21. You could use self-generated certificates for evaluation and testing. Please run `gitea cert --host [HOST]` to generate a self signed certificate.

  22. 

  23. If you are using Apache or nginx on the server, it's recommended to check the [reverse proxy guide]({{< relref "doc/usage/reverse-proxies.en-us.md" >}}).

  24. 

  25. To use Gitea's built-in HTTPS support, you must change your `app.ini` file:

  26. 

  27. ```ini

  28. [server]

  29. PROTOCOL  = https

  30. ROOT_URL  = https://git.example.com:3000/

  31. HTTP_PORT = 3000

  32. CERT_FILE = cert.pem

  33. KEY_FILE  = key.pem

  34. ```

  35. 

  36. To learn more about the config values, please checkout the [Config Cheat Sheet](../config-cheat-sheet#server).

  37. 

  38. ### Setting up HTTP redirection

  39. 

  40. The Gitea server is only able to listen to one port; to redirect HTTP requests to the HTTPS port, you will need to enable the HTTP redirection service:

  41. 

  42. ```ini

  43. [server]

  44. REDIRECT_OTHER_PORT = true

  45. ; Port the redirection service should listen on

  46. PORT_TO_REDIRECT = 3080

  47. ```

  48. 

  49. If you are using Docker, make sure that this port is configured in your `docker-compose.yml` file.

  50. 

  51. ## Using Let's Encrypt

  52. 

  53. [Let's Encrypt](https://letsencrypt.org/) is a Certificate Authority that allows you to automatically request and renew SSL/TLS certificates. In addition to starting Gitea on your configured port, to request HTTPS certificates, Gitea will also need to listed on port 80, and will set up an autoredirect to HTTPS for you. Let's Encrypt will need to be able to access Gitea via the Internet to verify your ownership of the domain.

  54. 

  55. By using Let's Encrypt **you must consent** to their [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf).

  56. 

  57. ```ini

  58. [server]

  59. PROTOCOL=https

  60. DOMAIN=git.example.com

  61. ENABLE_LETSENCRYPT=true

  62. LETSENCRYPT_ACCEPTTOS=true

  63. LETSENCRYPT_DIRECTORY=https

  64. LETSENCRYPT_EMAIL=email@example.com

  65. ```

  66. 

  67. To learn more about the config values, please checkout the [Config Cheat Sheet](../config-cheat-sheet#server).

  68. 

  69. ## Using reverse proxy

  70. 

  71. Setup up your reverse proxy as shown in the [reverse proxy guide](../reverse-proxies).

  72. 

  73. After that, enable HTTPS by following one of these guides:

  74. 

  75. * [nginx](https://nginx.org/en/docs/http/configuring_https_servers.html)

  76. * [apache2/httpd](https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html)

  77. * [caddy](https://caddyserver.com/docs/tls)

  78. 

  79. Note: Your connection between your reverse proxy and Gitea might be unencrypted. To encrypt it too, follow the [built-in server guide](#using-built-in-server) and change

  80. the proxy url to `https://[URL]`.

No Description