Move to HTTPS #12
Comments
|
Looks like this isn't doable on
:( |
|
DNSSEC isn't required for HTTPS is it? |
|
for cloudflare free DNS it is |
|
Ah, okay :( |
|
@orta @k0nserv GitLab Pages has SSL support by way of Let's Encrypt (or any other SSL cert provider, though I like LE), if you have any interest: https://about.gitlab.com/2016/04/11/tutorial-securing-your-gitlab-pages-with-tls-and-letsencrypt/ I can understand not wanting to move off GitHub of course :) |
|
I do have interest, and I do need to learn how to use lets encrypt for CocoaPods, I should also try improve my GitLab foo. So that could all work together quite nicely. |
|
One upside of that is that we'll end up with Danger running both for GitHub and GitLab which will help us detect issues and prevent drifting towards GitHub first. Would probably want to use GitLabCI in that case though |
|
Aye, I've taken a stab at this, https://gitlab.com/danger-systems/danger.systems/ - if I can get this all working, I'll move the danger.systems repo over permanently. |
|
Will accept anyone who applies to the group too, couldn't get |
|
@orta if it's not being used by someone else I can see about getting you the danger group :) |
|
Awesome, it might be, so no expectations from my side |
|
OK, so we've moved fully to GitLab pages, but I'm not adding letsencrypt yet. it looks like for now it requires re-creating the certs every 90 days manually in order for HTTPS to stay working, I'd rather not let links start failing because I needed to do some manual work. I've +1'd this issue around that, https://gitlab.com/gitlab-org/gitlab-ee/issues/474 |
|
@orta oh, sorry if I was unclear about it being manual. I definitely didn't mean to mislead. D: |
|
And the links should still work, they'll just redirect to HTTP if I remember correctly. There's no enforcement of HTTPS with HSTS or anything. I could be wrong, though. |
|
It's no problem, it's the current status quo from GH-pages which I was going to live with, and I don't think you mis-sold me 💃 I just don't think I can rely on giving myself a "do this every 90 days" task, 1 year, 2 years, I can do, but they add up. Well, I've got the certs set up any way, so I may as well try it for the 90 days and see when it expires |
|
Cool, well, both http://danger.systems and https://danger.systems work now 👍 |
|
@orta WRT getting the danger group name, just email [email protected] with the request to use the dormant group name. If it's inactive we'll ask the owner and if we see no response in two weeks you can have it :) And please tell me if there's anything we can improve in GitLab, or open an issue! |
|
Can the cert update not be automated? That is the intention from Let's Encrypts side with the short life certs after all. |
Cloudflare
The text was updated successfully, but these errors were encountered: