substrakt / letsencrypt-heroku

Make any Heroku application secure in just a couple of minutes.
https://substrakt.com/heroku-ssl-me-weve-come-a-long-way/
MIT License

Instruction clarifications #8

Closed markcerqueira closed 8 years ago

markcerqueira commented 8 years ago

Thanks for setting this up. Really excited to get this up and running. I'm running into some snags following your instructions and was hoping you could clarify a bit.

  1. The setup instructions ask for a Heroku OAuth key. Is this the API Key found in settings on Heroku? I'm guessing not.
  2. auth_token is the value of ENV['AUTH_TOKEN'] - Perhaps clarify that it is set on the new project that one sets up during the setup process. I (foolishly) thought it meant I needed to add this to the project I wanted to add SSL to.
  3. Hitting the endpoint per instructions gives me a 404. The URL I hit is: http://chuckpad-social-letsencrypt.herokuapps.com/certificate_generation/new/chuckpad.io?subdomains=www&debug=0&app_name=chuckpad-social&auth_token={AUTH_TOKEN_REMOVED}

Thank you!

maxehmookau commented 8 years ago

Hi there!

Bear in mind that we're still in alpha but I think all of these issues can be sorted :)

$ heroku plugins:install heroku-cli-oauth
$ heroku authorizations:create -d "letsencrypt-oauth-token"

This should then generate a code for you to use for that value. You can revoke these tokens at any time if they're compromised. Bear in mind that these tokens are valid for any project that your current user has access to so it may be desirable to create an OAuth token for a special 'robot' user. I'll leave this up to you.

Let me know if you've got any more questions and thanks for the feedback!

markcerqueira commented 8 years ago

Totally understandable on alpha and thank you for the lightning fast reply. I'll give it another try (tomorrow as it's getting late here) and I'll report back!

Thanks again! :)

maxehmookau commented 8 years ago

👍 Looking forward to it

maxehmookau commented 8 years ago

Hey @markcerqueira, was wondering if you managed to get this up and running for you?

markcerqueira commented 8 years ago

Hi @maxehmookau! Thanks for following up and apologies for not getting to this sooner.

Got a little farther: getting the status URL when I hit the endpoint, but when I check that status page it says I'm not authenticated.

Any ideas what I could be doing wrong?

lustrousgorilla commented 8 years ago

@maxehmookau: I'm extraordinarily appreciative for your work on this, but I'm experiencing the exact same thing as @markcerqueira.

Also, if you really want to make these instructions idiot-proof, it might be worth adding a line with the curl command to generate the specified HTTP request.

markcerqueira commented 8 years ago

@lustrousgorilla - once I get it working I'm planning on opening a PR with some changes to the README to help out idiots like myself! :)

maxehmookau commented 8 years ago

Thanks @markcerqueira, that would be really helpful.

I agree with both of you, I could do with making the README much more clear. If @markcerqueira can open a PR with a few changes I'd be happy to merge that in to make it easier for others to use.

jwsloan commented 8 years ago

@maxehmookau Thank you for making this! Unfortunately I'm getting the same error as @markcerqueira when I hit the status page. Any ideas on what would cause that?

maxehmookau commented 8 years ago

Hi @jwsloan.

Judging by this thread, I think I'm going to have to rewrite the README 😂

So if you're getting an unauthorized error, you need to make sure the auth_token query parameter is set. It should be equal to whatever the AUTH_TOKEN environment variable is.

If you used the 'deploy to Heroku' button, this code is generated automatically and randomly. If you didn't use the deploy to Heroku button, you just need to define an AUTH_TOKEN variable which should just be some sort of secret key. (Obviously in production, the longer and more complex, the better!)

On Heroku, you can grab that value by using heroku config:get AUTH_TOKEN.

Does that help at all?
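
The request discussed in this thread, as an added example that is not part of the original comments or the project's own code: a POSIX shell helper that builds the certificate_generation URL, percent-encodes the auth_token, and masks the token before the URL is printed, since a secret carried in a query string otherwise ends up in terminal output and pasted bug reports. The function names, the host and app names, and the https scheme are assumptions.

```shell
#!/bin/sh
# Added example, not from the letsencrypt-heroku repo. Host, app and domain values
# used with these functions are constructed placeholders.

# Percent-encode a value so a token containing + / = & survives the query string.
urlencode() (
  s=$1 out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}
    case $c in
      [a-zA-Z0-9.~_-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
    s=$rest
  done
  printf '%s' "$out"
)

# Build the URL in the shape quoted in the thread:
#   <base>/certificate_generation/new/<domain>?subdomains=..&debug=0&app_name=..&auth_token=..
build_certgen_url() (
  base=$1 domain=$2 subdomains=$3 app_name=$4 token=$5
  # Refuse an empty token, e.g. when config:get was run against the wrong app.
  [ -n "$token" ] || { echo "AUTH_TOKEN is empty" >&2; exit 1; }
  printf '%s/certificate_generation/new/%s?subdomains=%s&debug=0&app_name=%s&auth_token=%s' \
    "${base%/}" "$domain" "$(urlencode "$subdomains")" \
    "$(urlencode "$app_name")" "$(urlencode "$token")"
)

# Mask the token before a URL is echoed, logged or pasted into an issue.
redact_url() {
  printf '%s' "$1" | sed 's/\(auth_token=\)[^&]*/\1{REDACTED}/'
}

# Send the request; only the redacted URL is written to the terminal.
request_certificate() {
  url=$(build_certgen_url "$@") || return 1
  echo "GET $(redact_url "$url")" >&2
  curl --silent --show-error --fail "$url"
}

# Usage (assumed app names; AUTH_TOKEN is read from the letsencrypt app, not the target app):
#   token=$(heroku config:get AUTH_TOKEN --app my-letsencrypt-app)
#   request_certificate https://my-letsencrypt-app.herokuapp.com example.com www my-app "$token"
```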

maxehmookau commented 8 years ago

I've updated the README this afternoon with a few bits and bobs. Hopefully that should make things clearer. Feel free to open a new issue if not though.