HTTPS support for a2docs.org

[vielmetti]

Some notes on a transition:

We have an old URL (a2docs.org) and a new URL (a2docs.aadl.org). It would be good to have a plan to consolidate the two, and I think that the surviving URL is the .aadl.org domain.

I suspect that the long term answer is to transfer the a2docs.org domain handling to an nginx configuration which does whatever necessary domain mapping.

The main reason for wanting this is to ensure that all of the old links to a2docs.org that are in Arborwiki still work. An alternative plan is to identify all of those pages that have those links one by one and fix them, and then retire the old a2docs.org name entirely.

[eby]

Any specific reason for retiring the domain? AADL could likely easily take it over and keep it registered.

[vielmetti]

If AADL wants to take over the domain I think that would be all OK with everyone involved.

[eby]

Does that work for you @chairkicker ? I see you are listed in the whois.

I can DM you on twitter to work out details or email me at eby [at] aadl [dot] org

[ghost]

@eby that'd be great by me. Let's hash out details in email. Thank you!

[eby]

This has completed finally this morning. It is still propagating but appears google picked it up quick. Right now I have it on HTTP as let's encrypt is giving me some issues. Will try to get to the SSL cert later today or tomorrow and put it back on SSL.

I tested some links on arborwiki and it seems to work. Let me know if any redirects fail. Still tweaking the configs.

[vielmetti]

I'm seeing the same thing that @eby is seeing with HTTPS, the Chrome error I see is below when I go to https://a2docs.org.

I'll spot check Arborwiki - I think all of those original links were http not https.

[eby]

Yeah http is fine and all links should be http that are out there. https://a2docs.aadl.org is redirecting to http for now until I get time to register.

[cdzombak]

@vielmetti / @eby, can this ticket be closed out now?

[vielmetti]

On Firefox, when I visit https://a2docs.org, I still get

Warning: Potential Security Risk Ahead

[cdzombak]

oh, I skimmed the ticket too quickly 😞 disregard!

[vielmetti]

I updated the subject line to better reflect the current state and help people who might be skimming get the gist faster.

Perhaps what, Let's Encrypt?

[eby]

I'll work on this and try to get things done tomorrow.

[eby]

Sorry for the delay on this. I'm in the process of doing a lot of juggling to take advantage of a new generator (thanks for nothing DTE). In the meantime I went ahead and went full @vielmetti on this despite Works on Arm not being weekly right now.

• Moved a2docs to an Arm based A1 EC2 instance
• IPv6 available
• SSL with lets encrypt. Went with the moderate client recommendations from mozilla so older clients can connect. tls1.3/http2 supported

I had some brief ipv6 config issue with nginx so if you had 404s or weird redirects it should hopefully be fixed.

Let me know if any problems and hopefully this can finally be closed.

As an aside with this I have more s3 syncing going on and can potentially do some IAM access for others to that bucket if/when people decide they want to do pdf analysis/etc.

[cdzombak]

Made some quick checks and it looks good from here (over IPv4). Thanks, @eby 🍻

[vielmetti]

Looks good to me!