GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
gnu-social/docs/developer/src/install/tls.md
Diogo Peralta Cordeiro cc9f2d6ff2
[DOCUMENTATION] Three books instead of only one 
The User one is intended to illustrate the various common use cases, possibilities regarding customization and introduce the existing functionalities.

The Administrator one explains the step by step of how to install and maintain a GNU social instance, be it as node of The Free Network or as an intranet social network in a company setting.

The Developer one starts by introducing the Modules system and architecture, then the plugin development process and finally the exciting internals of GNU social for those looking forward to make the most advanced contributions.
2021-09-14 13:11:49 +01:00

34 lines
1.5 KiB
Markdown
Raw Blame History

## Configuring TLS/SSL
You should configure a valid certificate and use TLS/SSL in most cases,
one exception being wanting to use the Tor network.
The `bin/configure` script is capable of setting this up for you if you use a
Docker container. Otherwise, using [certbot](https://certbot.eff.org/) and
[Let's Encrypt](https://letsencrypt.org/) is recommended
There are multiple approaches to achieve this, among which are using
your own (non-self) signed certificate, or using a proxy service
capable of either proxying an HTTP connection to HTTPS (not
recommended) or an HTTPS connection to HTTPS. For this approach,
follow the instructions of your proxy service provider, but generally
you'll use a self signed certificate, which the configuration script
can generate.
TODO Mail server configuration (links below)
GNU social can be configured to send emails for various reasons. See
[mail server configuration](). You'll need a certificate for your web
domain and your mail domain, which may or may not be the same (if you
use the same hostname for both, or a certificate valid for both).
TODO improve external certificate handling
If you prefer to not use Let's Encrypt, or the docker container, pick
`mixed` and uncheck the `certbot` service or pick `external`.
Place your certificate in the folder
`docker/certbot/.files/live/$HOSTNAME/`, where `$HOSTNAME` is the name
where you want to host your node, such as `social.yourdomain`.
Remember you also need a certificate for your mail server.
View Git Blame Copy Permalink