Closed XhmikosR closed 7 years ago
@XhmikosR It's a simple nginx reverse proxy config at the moment. If you'd like, I can use Cloudflare to enable ssl for the entire site, and redirect non-http traffic back to the secure pages. Would that work for you? Thanks!
A simple page rule for http://gruntjs.com/*
with Enforce HTTPS should be enough.
I might need to go through the code for mixed content though.
I'm not sure if the current setup is optimal since I haven't personally used it in production.
Ugh, I just looked and don't seem to manage DNS for this domain. Our options are to either
A) purchase an SSL cert and terminate it within nginx or
B) roll the domain into Cloudflare.
I favor the latter, but we'll have to involve @vladikoff to help w/the domain transfer. Let me know which you prefer, thanks!
How about using Let's Encrypt instead of us purchasing a certificate?
I'm a fan of LE but don't yet have that enabled for any sites, so I'd have to do a bit more work than simply purchasing a certificate.
I use it in a couple of production sites and it's pretty straight-forward.
It's true though that with Cloudflare we don't need to care about anything else other than changing the name servers.
Oh for sure, it's not crazy to setup but I have to extend our Puppet configs, test a fresh deployment, etc. Just a bit more time than copy pasta :)
Yup, and rolling to Cloudflare means we have other Cloudflare features too, which is nice.
I say then we just go with Cloudflare at this point, so ping @vladikoff.
@vladikoff ping
Sorry, this is waiting on me. I'm at a conference this week and am the blocker. I should have time this weekend to address.
On Feb 14, 2017 4:04 PM, "XhmikosR" notifications@github.com wrote:
@vladikoff https://github.com/vladikoff ping
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/gruntjs/gruntjs.com/issues/193#issuecomment-279876697, or mute the thread https://github.com/notifications/unsubscribe-auth/ADxJYgmGKkfy4IaJsB3JeeJVLD0V_QIVks5rckEggaJpZM4Lj3Ae .
No worries, this is something @vladikoff needs to take care due to the DNS changes.
DNS has been migrated to Cloudflare and I have enabled SSL but it's not functioning as I expect. This means I probably need to debug a bit and that requires me to set aside time, hence the delay.
I've been traveling nearly five days a week all year, which is unusual, so I apologise for being slow on this issue.
Thanks for your patience and understanding :) We are very close!
On Feb 14, 2017 4:06 PM, "XhmikosR" notifications@github.com wrote:
No worries, this is something @vladikoff https://github.com/vladikoff needs to take care due to the DNS changes.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/gruntjs/gruntjs.com/issues/193#issuecomment-279877019, or mute the thread https://github.com/notifications/unsubscribe-auth/ADxJYlkzmYtWyGFgIq2VKC8ujkW4lr-jks5rckGJgaJpZM4Lj3Ae .
Ah I see. I didn't know that. Let me know if you need help since I've done this with hundreds of projects. Well need a couple of PRs merges to get rid of mixed content warnings.
On Feb 15, 2017 02:11, "Adam Ulvi" notifications@github.com wrote:
DNS has been migrated to Cloudflare and I have enabled SSL but it's not functioning as I expect. This means I probably need to debug a bit and that requires me to set aside time, hence the delay.
I've been traveling nearly five days a week all year, which is unusual, so I apologise for being slow on this issue.
Thanks for your patience and understanding :) We are very close!
On Feb 14, 2017 4:06 PM, "XhmikosR" notifications@github.com wrote:
No worries, this is something @vladikoff https://github.com/vladikoff needs to take care due to the DNS changes.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <https://github.com/gruntjs/gruntjs.com/issues/193#issuecomment-279877019
, or mute the thread https://github.com/notifications/unsubscribe-auth/ ADxJYlkzmYtWyGFgIq2VKC8ujkW4lr-jks5rckGJgaJpZM4Lj3Ae .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/gruntjs/gruntjs.com/issues/193#issuecomment-279877850, or mute the thread https://github.com/notifications/unsubscribe-auth/AAVVtUBIhb2_jNk6TdchLdAZ_RlpyacQks5rckKmgaJpZM4Lj3Ae .
@XhmikosR Okay we have ssl working. Please give it a whirl and let me know if I can be of any further help, thanks!
@aulvi: I'll merge the patches later, thanks.
Now, we need
http://gruntjs.com/*
"Always use SSL" in Cloudflare's page rules.Finally, please make sure you didn't change any other Cloudflare settings for now. Alternatively, if I could have access to the Cloudflare account that owns gruntjs.com I'd be able to make sure everything's OK.
@XhmikosR I can enable the redirection whenever you are ready.
As far as "change any other Cloudflare settings", all I have done is create a single pagerule for redirection and enabled "flexible ssl".
Additionally, I'm fine granting you access to the Cloudflare console but I think I need to convert to a team account first (or whatever their flavor is). I'll try to get that done this week.
@aulvi: your redirection rule is currently enabled? And what's its contents?
No need to go through the trouble for granting me access. You can send me the details via email and then just change the pass when we are done :)
@aulvi: bump
@XhmikosR Redirect page rule is in place, should be SSL forever now. Please holler if you have any further issues, thanks!
Thanks!
Since I don't have access to the server I'm not sure how things are set up exactly so I can't help directly.
/CC @aulvi