Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request: Lets Encrypt/ Certbot integration #34

Open
jlmanohar opened this issue May 17, 2024 · 7 comments
Open

Feature Request: Lets Encrypt/ Certbot integration #34

jlmanohar opened this issue May 17, 2024 · 7 comments
Labels
F-CertMgmt Functionality relating to Certificate Provisioning and Management
Milestone

Comments

@jlmanohar
Copy link

It would be great if river has the ability to generate valid certificates with Lets encrypt in near future, similar to Nginx Proxy Manager or Traefik.

@jamesmunns
Copy link
Collaborator

@jlmanohar this feature is planned: https://github.com/memorysafety/river/blob/main/docs/what-is-it.md#29---certificate-provisioning-and-management

Not sure when it will be prioritized, but it's definitely on the roadmap.

@jamesmunns
Copy link
Collaborator

Just wanted to note that support for the ACME protocol is likely to come right after we finish the current chunk of work: https://github.com/memorysafety/river/milestone/3, I'll update if we decide it needs to be bumped up in priority.

ACME protocol support will benefit from a lot of the "pre-requisite" features we'll be doing in this milestone, once those are cleared the path towards supporting ACMEv2 will hopefully be much more direct.

@jamesmunns jamesmunns added this to the Backlog milestone May 24, 2024
@jamesmunns jamesmunns added the F-CertMgmt Functionality relating to Certificate Provisioning and Management label May 24, 2024
@jlmanohar
Copy link
Author

Just wanted to note that support for the ACME protocol is likely to come right after we finish the current chunk of work: https://github.com/memorysafety/river/milestone/3, I'll update if we decide it needs to be bumped up in priority.

ACME protocol support will benefit from a lot of the "pre-requisite" features we'll be doing in this milestone, once those are cleared the path towards supporting ACMEv2 will hopefully be much more direct.

Thank you @jamesmunns , will the acme be a compelte rewrite for river or will it be using acmed crate? Just curious

Also if there are any low priority/ non critical tasks I would like to help out, I just recently started with rust and have an interest towards proxies because I self host.

@jamesmunns
Copy link
Collaborator

@jlmanohar re: ACME - not sure yet! If there's something suitable I'll likely use that if possible, but that's part of what I need to evaluate when planning. If you have any other notes on this, feel free to share here!

re: misc topics, I'm still working on scoping and planning for this milestone, I'll likely have some more specific plans later this week. Feel free to chime in on any of the issues if you see something interesting.

@jamesmunns
Copy link
Collaborator

https://crates.io/crates/rustls-acme was a crate shown to me that is capable of handling certbot-like behaviors, might potentially be usable, or useful to reference.

@jlmanohar
Copy link
Author

jlmanohar commented Aug 9, 2024

Let's encrypt Client Options looks like acmed and acme-redirect are mentioned in the client options page in let's encrypt and might be work checking out.

@notramo
Copy link

notramo commented Nov 26, 2024

Caddy also has this feature and it's very robust. That implementation might serve as inspiration, but I don't know to what extent as it's written in Go.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
F-CertMgmt Functionality relating to Certificate Provisioning and Management
Projects
None yet
Development

No branches or pull requests

3 participants