8000 GitHub - dominicletz/certmagex: Automatic SSL certs from Let's Encrypt for your Phoenix applications
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
/ certmagex Public

Automatic SSL certs from Let's Encrypt for your Phoenix applications

License

MIT license
27 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dominicletz/certmagex

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
.github/workflows
.github/workflows
 
 
lib
lib
 
 
src
src
 
 
test
test
 
 
.formatter.exs
.formatter.exs
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
mix.exs
mix.exs
 
 

Repository files navigation

CertMagex

Automatic SSL certs from Let's Encrypt for your Phoenix applications. This is based on the ZeroSSL library which is used for the ACME handshake. Plugging into the sni_fun and the name is inspired by similar functionality of the golang certmagic library.

This is used in the real world for example on https://tcpbin.net.

Installation

For Cowboy add to your prod.exs:

config <your_app>, <your_endpoint>,
  https: [port: 443, sni_fun: &CertMagex.sni_fun/1],
  # ATTENTION: Ensure you comment http: out and port 80 is free!
  ...

For Bandit add to your prod.exs:

config <your_app>, <your_endpoint>,
  https: [port: 443, thousand_island_options: [transport_options: [sni_fun: &CertMagex.sni_fun/1]]],
  # ATTENTION: Ensure you comment http: out and port 80 is free!
  ...

And add this to your deps:

def deps do
  [
    {:certmagex, "~> 1.0"}
  ]
end

You're done!

Optional Configuration values

The following configuration values are optional and can be set in your config.exs file.

  • user_email: The email to use for the ACME handshake. Let's encrypt might send informational emails to this address.
  • provider: The provider to use for the ACME handshake. Can be :letsencrypt or :zerossl. Defaults to :letsencrypt.
  • account_key: The account key to use for the ACME handshake. Required only for :zerossl provider.
  • addr: The address to bind to for the ACME handshake. Defaults to 0.0.0.0 on IPv4 and :: on IPv6.
  • storage_module: The module to use for storage. Defaults to CertMagex.Storage.Acmev2Adapter. Changing the module allows storing retrieved certificates in a different storage location.
  • renewal_threshold: The threshold for certificate renewal. Defaults to renewing certificates if they have 86_400 seconds (1 day) of validity left.

Example config.exs

config :certmagex,
  provider: :zerossl,
  account_key: System.get_env("ZEROSSL_ACCOUNT_KEY"),
  addr: "0.0.0.0",
  user_email: "your@email.com",
  storage_module: CertMagex.Storage.Acmev2Adapter

Notes

Generated certificates are by default stored in $HOME/.local/share/certmagex but the XDG_DATA_HOME variable is respected.

This wouldn't be possible without the Acmev2 module from zerossl https://hex.pm/packages/zerossl

About

Automatic SSL certs from Let's Encrypt for your Phoenix applications

Resources

Readme

License

MIT license
Activity

Stars

27 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
0