Sybren A. Stüvel
715faa6852
To use Let's Encrypt: - Set `acme_domain_name` to the domain name of the machine. - Set both `listen` and `listen_https` to the ports Flamenco Manager should be listening to. By default these are `:8080` and `:8443`. - Configure your firewall or user-facing proxy to forward ports 80 and 443 to respectively 8080 and 8443. Other changes: - Added setting `listen_https` which is used for serving HTTPS traffic (default `:8443`). If you are using the `tlskey`/`tlscert` settings, you need to move `listen` to `listen_https`. - Changed the default value for `listen` to `:8080` (was `:8083`). The changes to the default were somewhat necessary to get to more standard port numbers; it would be silly to add the standard port number 8443 and still keep using the nonstandard 8083. A new webserver wrapper was introduced that manages both the HTTP and HTTPS servers as a single unit. When using ACME/Let's Encrypt it is necessary to have both HTTP (for the ACME web authentication) and HTTPS (for regular traffic). All other HTTP traffic is redirected to HTTPS on port 443. This does *not* redirect to the configured `listen_https` port because firewall-based redirection or reverse proxies may be in use. Actually, this is recommended because then Flamenco Manager doesn't need to be run as root.