[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [meek/master] Update meek-server/README for Let's Encrypt support.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [meek/master] Update meek-server/README for Let's Encrypt support.
From: dcf@xxxxxxxxxxxxxx
Date: Sat, 16 Sep 2017 18:59:27 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 16 Sep 2017 14:59:37 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: David Fifield <david@xxxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 66c839dcb595de203c3a11e8d1ff51b99a868aaa
Author: David Fifield <david@xxxxxxxxxxxxxxx>
Date:   Sat Sep 16 11:58:23 2017 -0700

    Update meek-server/README for Let's Encrypt support.
    
    Remove instructions for configuring without HTTPS.
---
 meek-server/README | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/meek-server/README b/meek-server/README
index 40bc3fe..867816c 100644
--- a/meek-server/README
+++ b/meek-server/README
@@ -1,17 +1,27 @@
 # How to run a meek-server (meek bridge):
 
+You need a server with a DNS name pointing to it.
+You need to be able to run a service on port 443.
+
+Let's say the server's DNS name is meek.example.com.
+
 - Compile the program using 'go build'.
 
-- Update your torrc file. There's a sample on /meek-server/torrc.
+	cd meek-server
+	go build
+
+- Install meek-server under /usr/local/bin and give it permission to bind to port 443.
+
+	cp meek-server /usr/local/bin
+	setcap 'cap_net_bind_service=+ep' /usr/local/bin/meek-server
 
-	NOTE: if you want to run your bridge on two different ports (HTTP and HTTPS), use something like this:
+- Add a line to your torrc file. Replace "meek.example.com" with your server's DNS name and "admin@xxxxxxxxxxxxxxxx" with your email address.
 
-	ServerTransportPlugin meek exec /usr/local/bin/meek-server --port 7002 --disable-tls --log /var/log/tor/meek-server.log
-	ServerTransportPlugin meek exec /usr/local/bin/meek-server --port 7443 --cert /etc/meek/cert.pem --key /etc/meek/key.pem --log /var/log/tor/meek-server-https.log
+	ServerTransportPlugin meek exec /usr/local/bin/meek-server --acme-hostnames meek.example.com --acme-email admin@xxxxxxxxxxxxxxxx --log /var/log/tor/meek-server.log
 
-- To test your bridge on the clinet side, you can add a line like this to your torrc:
+- To test your bridge on the client side, you can add a line like this to your torrc:
 
-	Bridge meek 0.0.2.0:1 url=https://my-bridge.example.com:7443/
+	Bridge meek 0.0.2.0:1 url=https://meek.example.com/
 
 # Important Note:
 

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [websocket/master] Expose the entire ws request instead of just the URL
Next by Author: [tor-commits] [websocket/bug18628] Change request to *http.Request
Previous by thread: [tor-commits] [exonerator/master] Tweak new query towards using an existing index.
Next by thread: [tor-commits] [nyx/master] Stacktrace if all panels are disabled
Index(es):
- Author
- Thread