Encryption
Configures how encryption should be applied to the server.
There are two main ways this can work:
-
With a pre-supplied certificate and keyfile
-
Via Let’s Encrypt (ACME) using Go’s built-in autocert module
If a certificate and keyfile are supplied the server will utilize option 1, otherwise it’ll fallback to option 2. If you don’t want to utilize encryption (for example you have TLS termination handled externally) simply omit Server.Encrypt
Configuration options:
| Parameter | Description | Type | Required | Default |
|---|---|---|---|---|
Domain |
The domain name you’re operating with (the domain end-users use) |
string |
Yes |
None |
Cache |
The path to a directory to cache certificates in if using let’s encrypt. |
string |
No |
./certs |
Certificate |
The file path to the TLS certificate |
string |
None |
|
KeyFile |
The file path to the keyfile |
string |
None |
|
HttpPort |
The port used for non-encrypted traffic. Required if using Let’s Encrypt to provide for the ACME challenge, in which case this needs to indirectly be 80 (that is, this can be set to e.g. 8080 if something ahead of this redirects 80 to 8080). Everything except .well-known will be redirected to the main port when set. |
int |
No |
None |
The following can be supplied as environment variables:
| Configuration Parameter | Environment Variable |
|---|---|
Domain |
SERVER_ENCRYPT_DOMAIN |
Cache |
SERVER_ENCRYPT_CACHE |
Certificate |
SERVER_ENCRYPT_CERTIFICATE |
KeyFile |
SERVER_ENCRYPT_KEYFILE |
HttpPort |
SERVER_ENCRYPT_HTTPPORT |