Releases: ancarda/tls-redirector
2.4 - Nice looking HTML error pages
This release improves the end-user experience by introducing nicer looking HTML error pages, rather than the one-line text that used to be output by tls-redirector.
docker run --restart unless-stopped -p 80:80 -d ancarda/tls-redirector:2.4
2.3 - Support bracketed port-less IPv6 addresses
This release slightly improves IPv6 support, allowing "[::1]" to be sent as the Host header.
Usually, the Host header would be ::1 (port 80) or [::1]:1234 (port 1234). An IPv6 address wrapped in square brackets without a port number wasn't supported until this release.
docker run --restart unless-stopped -p 80:80 -d ancarda/tls-redirector:2.3
2.2 - Ease of use, official Docker support
This release comes with two changes for end-users aimed at making this program as user friendly as possible:
-
PORT is now optional, even when launched without socket activation. In 2.1, you'd get an error message to set the PORT environmental variable. Now, tls-redirector will default to port 80, since that is the most likely port it will listen on.
-
tls-redirector now supports the standard
--versionand--helpCLI arguments.
For deployment, this release comes with full Docker support. You can pull down and run the pre-built container like so:
docker pull ancarda/tls-redirector:2.2
docker run --restart unless-stopped -p 80:80 -d ancarda/tls-redirector:2.2
Or build one yourself like so:
git checkout 2.2
docker build --tag tls-redirector:2.2 .
docker run --restart unless-stopped -p 80:80 -d tls-redirector:2.2
If you wish to serve ACME HTTP challenges, then add the following to the run command:
--env ACME_CHALLENGE_DIR=/acme --volume /var/www/acme:/acme
That will mount /var/www/acme on the host.
For more informaton: https://docs.docker.com/engine/reference/commandline/run/
2.1 - Simpler PORT usage
Version 2.1 makes tls-redirector no longer require PORT=systemd when using socket activation. Instead, tls-redirector automatically
uses systemd sockets when PORT isn't specified.
Additionally, github.com/coreos/go-systemd is no longer a hard dependency as tls-redirector may be compiled without systemd. Users who want systemd should compile this way:
go build -tags systemd
And users who do not can simply use go build. Refer to the README for more information.
2.0 - systemd optional, EnvVars over CLI flags
Version 2.0 now allows you to run tls-redirector without using systemd socket activation with the new PORT environmental variable.
Users of the -acme flag need to change their systemd service file to use the new ACME_CHALLENGE_DIR variable.
These changes should make tls-redirector easier to use with Docker.
1.1 - Support for ACME HTTP challenges
3072db1
ancarda
Mark Dain
Version 1.1 introduces a new flag, -acme (string) that is the path to a directory on disk where plain text files may be served from .well-known/acme-challenge. This is intended to help TLS deployments that depend on ACME's HTTP challenges. Most Let's Encrypt users likely depend on this being available, even if they are committed to being TLS only.
You're encouraged to use DNS challenges if possible so that serving up files isn't required and you can disable all disk access by tls-redirector.
Users who validate and renew certificates via other mechanisms, including email verification, should remain on 1.0 as they do not require the new serving capabilities. If -acme is not passed, no file serving code is activated.
This release does not include any performance changes or bug fixes.