You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/05/05 06:48:34 UTC

[GitHub] [couchdb-documentation] tweenietomatoes opened a new pull request #534: new caddy 2 config

tweenietomatoes opened a new pull request #534:
URL: https://github.com/apache/couchdb-documentation/pull/534


   <!-- Thank you for your contribution!
   
        Please file this form by replacing the Markdown comments
        with your text. If a section needs no action - remove it.
   
        Also remember, that CouchDB uses the Review-Then-Commit (RTC) model
        of code collaboration. Positive feedback is represented +1 from committers
        and negative is a -1. The -1 also means veto, and needs to be addressed
        to proceed. Once there are no objections, the PR can be merged by a
        CouchDB committer.
   
        See: http://couchdb.apache.org/bylaws.html#decisions for more info. -->
   
   ## Overview
   
   <!-- Please give a short brief for the pull request,
        what problem it solves or how it makes things better. -->
   
   ## Testing recommendations
   
   <!-- Describe how we can test your changes.
        Does it provides any behaviour that the end users
        could notice? -->
   
   ## GitHub issue number
   
   <!-- If this is a significant change, please file a separate issue at:
        https://github.com/apache/couchdb-documentation/issues
        and include the number here and in commit message(s) using
        syntax like "Fixes #472" or "Fixes apache/couchdb#472".  -->
   
   ## Related Pull Requests
   
   <!-- If your changes affects multiple components in different
        repositories please put links to those pull requests here.  -->
   
   ## Checklist
   
   - [ ] Update [rebar.config.script](https://github.com/apache/couchdb/blob/master/rebar.config.script) with the commit hash once this PR is rebased and merged
   <!-- Before opening the PR, consider running `make check` locally for a faster turnaround time -->
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [couchdb-documentation] wohali commented on a change in pull request #534: new caddy 2 config

Posted by GitBox <gi...@apache.org>.
wohali commented on a change in pull request #534:
URL: https://github.com/apache/couchdb-documentation/pull/534#discussion_r420004736



##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -303,30 +266,6 @@ with headers.
 
 For a better solution, see :ref:`api/auth/proxy`.
 
-SSL/TLS with Caddy
-------------------
-
-Caddy is https-by-default, and will automatically acquire, install, activate and,
-when necessary, renew a trusted SSL certificate for you - all in the background.
-Certificates are issued by the LetsEncrypt certificate authority.
-
-.. code-block:: text
-
-    domain.com {
-
-        import /path/to/other/config.caddy # logging, error handling etc.
-
-        proxy / localhost:5984 {
-            transparent
-            header_upstream x-forwarded-ssl on
-        }
-
-    }
-
-The ``x-forwarded-ssl`` header tells CouchDB that it should use the ``https``

Review comment:
       Is this set by default now for Caddy 2?

##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -303,30 +266,6 @@ with headers.
 
 For a better solution, see :ref:`api/auth/proxy`.
 
-SSL/TLS with Caddy
-------------------
-
-Caddy is https-by-default, and will automatically acquire, install, activate and,

Review comment:
       If you're dropping this section entirely, it might be good to move this text somewhere else. I wouldn't have known otherwise that Caddy is native https by default.

##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -193,31 +193,12 @@ requests from ``http(s)://domain.com/...`` to ``http://localhost:5984/...``
 
     domain.com {
 
-        import /path/to/other/config.caddy # logging, error handling etc.
-
-        proxy / localhost:5984 {
-            transparent
-        }
+       reverse_proxy localhost:5984
 
     }
 
-.. Note::
-    The ``transparent`` preset in the ``proxy`` directive is shorthand for:
-
-    .. code-block:: text
-
-        header_upstream Host {host}
-        header_upstream X-Real-IP {remote}
-        header_upstream X-Forwarded-For {remote}
-        header_upstream X-Forwarded-Proto {scheme}

Review comment:
       Are all of these enabled by default now with the new `reverse_proxy` paragraph?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [couchdb-documentation] tweenietomatoes commented on a change in pull request #534: new caddy 2 config

Posted by GitBox <gi...@apache.org>.
tweenietomatoes commented on a change in pull request #534:
URL: https://github.com/apache/couchdb-documentation/pull/534#discussion_r420008499



##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -303,30 +266,6 @@ with headers.
 
 For a better solution, see :ref:`api/auth/proxy`.
 
-SSL/TLS with Caddy
-------------------
-
-Caddy is https-by-default, and will automatically acquire, install, activate and,
-when necessary, renew a trusted SSL certificate for you - all in the background.
-Certificates are issued by the LetsEncrypt certificate authority.
-
-.. code-block:: text
-
-    domain.com {
-
-        import /path/to/other/config.caddy # logging, error handling etc.
-
-        proxy / localhost:5984 {
-            transparent
-            header_upstream x-forwarded-ssl on
-        }
-
-    }
-
-The ``x-forwarded-ssl`` header tells CouchDB that it should use the ``https``

Review comment:
       yes

##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -193,31 +193,12 @@ requests from ``http(s)://domain.com/...`` to ``http://localhost:5984/...``
 
     domain.com {
 
-        import /path/to/other/config.caddy # logging, error handling etc.
-
-        proxy / localhost:5984 {
-            transparent
-        }
+       reverse_proxy localhost:5984
 
     }
 
-.. Note::
-    The ``transparent`` preset in the ``proxy`` directive is shorthand for:
-
-    .. code-block:: text
-
-        header_upstream Host {host}
-        header_upstream X-Real-IP {remote}
-        header_upstream X-Forwarded-For {remote}
-        header_upstream X-Forwarded-Proto {scheme}

Review comment:
       yes




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [couchdb-documentation] tweenietomatoes commented on a change in pull request #534: new caddy 2 config

Posted by GitBox <gi...@apache.org>.
tweenietomatoes commented on a change in pull request #534:
URL: https://github.com/apache/couchdb-documentation/pull/534#discussion_r420016138



##########
File path: src/best-practices/reverse-proxies.rst
##########
@@ -193,31 +193,12 @@ requests from ``http(s)://domain.com/...`` to ``http://localhost:5984/...``
 
     domain.com {
 
-        import /path/to/other/config.caddy # logging, error handling etc.
-
-        proxy / localhost:5984 {
-            transparent
-        }
+       reverse_proxy localhost:5984
 
     }
 
-.. Note::
-    The ``transparent`` preset in the ``proxy`` directive is shorthand for:
-
-    .. code-block:: text
-
-        header_upstream Host {host}
-        header_upstream X-Real-IP {remote}
-        header_upstream X-Forwarded-For {remote}
-        header_upstream X-Forwarded-Proto {scheme}

Review comment:
       actual caddy config is much shorter. 😄 
   
   ```
   :443
   reverse_proxy 127.0.0.1:5984
   ```




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [couchdb-documentation] wohali merged pull request #534: new caddy 2 config

Posted by GitBox <gi...@apache.org>.
wohali merged pull request #534:
URL: https://github.com/apache/couchdb-documentation/pull/534


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org