I also added the ACME directory URL to the log message, so that it can
be verified to be the v2 URL (and not the deprecated v1 URL).
This fixes T71444.
To use Let's Encrypt:
- Set `acme_domain_name` to the domain name of the machine.
- Set both `listen` and `listen_https` to the ports Flamenco Manager
should be listening to. By default these are `:8080` and `:8443`.
- Configure your firewall or user-facing proxy to forward ports 80 and
443 to respectively 8080 and 8443.
Other changes:
- Added setting `listen_https` which is used for serving HTTPS traffic
(default `:8443`). If you are using the `tlskey`/`tlscert` settings, you
need to move `listen` to `listen_https`.
- Changed the default value for `listen` to `:8080` (was `:8083`).
The changes to the default were somewhat necessary to get to more
standard port numbers; it would be silly to add the standard port number
8443 and still keep using the nonstandard 8083.
A new webserver wrapper was introduced that manages both the HTTP and
HTTPS servers as a single unit. When using ACME/Let's Encrypt it is
necessary to have both HTTP (for the ACME web authentication) and HTTPS
(for regular traffic). All other HTTP traffic is redirected to HTTPS on
port 443. This does *not* redirect to the configured `listen_https` port
because firewall-based redirection or reverse proxies may be in use.
Actually, this is recommended because then Flamenco Manager doesn't need
to be run as root.
