It's just a closet server, using Perkeep on HTTP(s) behind Caddy. Caddy config: ``` https://camli.tamas.gulacsi.eu { reverse_proxy * https://127.0.0.1:3179 { transport http { tls_insecure_skip_verify } } } ``` ~/.config/perkeep/server-config.json: ``` { "listen": ":3179", "baseURL": "https://camli.tamas.gulacsi.hu";, "https": true, "httpsCert": "/home/gthomas/.config/camlistore/tls.crt", "httpsKey": "/home/gthomas/.config/camlistore/tls.key", "shareHandler": true, "auth": "userpass:gthomas:password:+localhost", "identity": "XXX", "identitySecretRing": "/home/gthomas/.config/camlistore/identity-secring.gpg", "levelDB": "/home/gthomas/var/camlistore/camli-index.leveldb", "blobPath": "/home/gthomas/var/camlistore/packs", "packBlobs": true, "runIndex": true, "copyIndexToMemory": true, "memoryIndex": false, } ```
It's HTTPS because otherwise the URLs spit by Perkeep are http://, causing spurious problems. ~/ .config/systemd/user/perkeep.service: ``` [Unit] Description=Perkeep [Service] Type=simple ExecStart=/home/gthomas/go/bin/perkeepd Restart=on-success CPUAccounting=true CPUSchedulingPolicy=batch Nice=19 IOSchedulingClass=idle StandardOutput=journal StandardError=journal+console LimitNOFILE=32768 [Install] WantedBy=basic.target ``` Sorry, I'm not a blogger. Tamás [email protected] a következőt írta (2020. július 15., szerda, 19:52:01 UTC+2): > Can you please share a blog post on how you achieved this setup consisting > of ec2 + s3 + caddy? > I'm sure this would be helpful to many! > Thanks! > > On Wed, Jul 15, 2020, 10:25 PM Gulácsi Tamás <[email protected]> wrote: > >> Great! I use it behind caddy, without tls, too. >> ------------------------------ >> *From:* [email protected] <[email protected]> on behalf of >> Florian <[email protected]> >> *Sent:* Wednesday, July 15, 2020 4:54:47 PM >> *To:* Perkeep <[email protected]> >> *Subject:* Re: TLS handshake error: upgrade your ACME client >> >> Found it .. the "without tls" did not get through to me apparently! >> Running Perkeep without https did solve this issue. >> >> On Wednesday, 15 July 2020 at 16:35:49 UTC+2 Florian wrote: >> >> Okay, I've been able to set that up and use the keyc/cert from Caddy for >> the Perkeep server. >> >> For some reason it now keeps asking me for basic auth, even if I have >> that set to `auth: "none"`, and I don't have basic auth set up on Caddy. >> So basicly I'm stuck on that prompt dialog. >> >> If you happen to have a working instance of this, would you mind sharing >> your Caddyfile? >> >> >> On Wednesday, 15 July 2020 06:43:57 UTC+2, tgulacsi78 wrote: >> >> It does need upgrading. For a workaround, put it behind caddy ( >> caddyserver.com), without tls. >> >> >> >> On Wed, Jul 15, 2020 at 12:29 AM +0200, "Florian" <[email protected]> >> wrote: >> >> Hi, >> >> I've just started using Perkeep, setting it up on an Amazon EC2 with an >> attached S3 bucket and I have been able to hook it up to one of my domain >> names. >> However, I have been trying to get HTTPS to work, but keep getting the >> following printed: >> >> "403 urn:acme:error:unauthorized: Account creation on ACMEv1 is disabled. >> Please upgrade your ACME client to a version that supports ACMEv2 / RFC >> 8555. See >> https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 >> for details." >> >> Since I'm mostly a front-end dev, this is all a little on the far side of >> my knowledge and comfort zone, so I was hoping someone could point me in >> the right direction. >> >> Fwiw, my config looks like this: >> >> { >> "auth": "userpass:<user>:<secret>:+localhost", >> "https": true, >> "baseURL": "https://<mydomain>", >> "listen": ":443", >> "camliNetIP": "", >> "identity": "<identity>", >> "identitySecretRing": >> "/home/ec2-user/.config/perkeep/identity-secring.gpg", >> "s3": "<s3 config>", >> "packRelated": true, >> "levelDB": "/home/ec2-user/var/perkeep/index.leveldb" >> } >> >> Thanks in advance to anyone taking the time, >> Regards, >> >> Florian >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Perkeep" group. >> >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> >> >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/perkeep/637fca78-ff01-4b01-a7cd-3fa7ba930a49o%40googlegroups.com >> >> <https://groups.google.com/d/msgid/perkeep/637fca78-ff01-4b01-a7cd-3fa7ba930a49o%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Perkeep" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/perkeep/af336f42-d18f-48bb-9b41-41d5d44cbad5n%40googlegroups.com >> >> <https://groups.google.com/d/msgid/perkeep/af336f42-d18f-48bb-9b41-41d5d44cbad5n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Perkeep" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/perkeep/VI1P192MB028520BD81D6422FE808229FF27E0%40VI1P192MB0285.EURP192.PROD.OUTLOOK.COM >> >> <https://groups.google.com/d/msgid/perkeep/VI1P192MB028520BD81D6422FE808229FF27E0%40VI1P192MB0285.EURP192.PROD.OUTLOOK.COM?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "Perkeep" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/perkeep/0e0bd3b4-e890-4ecc-8ab7-01e4f2755a1an%40googlegroups.com.
