-
Notifications
You must be signed in to change notification settings - Fork 447
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add auto-tls service #2798
Conversation
Adds an optional service that requests a Let's Encrypt-style TLS certificate when publicly dialable addresses are detected. This will allow transports such as WebSockets to upgrade themselves to be the secure version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just looking through the initial impl
packages/auto-tls/src/index.ts
Outdated
/** | ||
* How long before the expiry of the certificate to renew it in ms | ||
* | ||
* @default 60000 | ||
*/ | ||
renewThreshold?: number |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This situation is a little different than domain cert renewal, but cert renewal should allow for resolving any errors that pop up when a renewal is attempted. Should we set the renewal time to a full day or week before expiry instead of only one minute?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've increased the default to one day but I'm not sure what we can do here other than retry?
Merging to make landing #2800 easier |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
posting review that was in progress
## Browser `<script>` tag | ||
|
||
Loading this module through a script tag will make it's exports available as `Libp2pPlaintext` in the global namespace. | ||
|
||
```html | ||
<script src="https://unpkg.com/@libp2p/plaintext/dist/index.min.js"></script> | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
## Browser `<script>` tag | |
Loading this module through a script tag will make it's exports available as `Libp2pPlaintext` in the global namespace. | |
```html | |
<script src="https://unpkg.com/@libp2p/plaintext/dist/index.min.js"></script> | |
``` |
Remove browser script tag in docs because it throws in browser?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't be Libp2pPlaintext
anyway..
Adds an optional service that requests a Let's Encrypt-style TLS certificate when publicly dialable addresses are detected.
This will allow transports such as WebSockets to upgrade themselves to be the secure version.
Change checklist