• Łukasz Nowak's avatar
    caddy-frontend: Re-do zero-SSL BBB · 1d271f4d
    Łukasz Nowak authored
    Instead of complex architecture in the profiles, reuse kedifa-updater
    capability to do backward compatibility certificate management thanks to its
    fall-back mechanism.
    
    kedifa-updater uses state file to know, if it ever succeed to download
    certificate from KeDiFa, and so it really makes it that pushing at least once
    certificate to KeDiFa, even if it is sometimes unresponsive, will switch to
    it.
    
    Fallback certificate is used, thus each slave listens immediately on HTTP and
    HTTPS. Thanks to this, asynchronous updates do not need to communicate with
    slapos node instance, and slapos node instance does not care about the
    certificates anymore.
    1d271f4d
nginx.cfg.in 2.56 KB