darcs repository web UI and hosting app. This is the main darcsden trunk, which also runs hub.darcs.net. (http://hub.darcs.net)
#146add ssl support
Should be fairly straightforward and optional. Snap has built-in support for that, we just need to configure it during start.
Working on it in this branch: http://hub.darcs.net/maerwald/darcsden-ssl
problems: - it seems we need '-threaded' here, otherwise we get "SimpleBackend.acceptThread: user error (RTS doesn't support multiple OS threads (use ghc -threaded when linking))" during runtime - we currently only support running https-only or http-only... everything else seems to collide with out 'baseUrl' logic
reworked a bit: - http://hub.darcs.net/maerwald/darcsden-patches/patch/a043271d1cbacd4d04881139217bc03440191efe - http://hub.darcs.net/maerwald/darcsden-patches/patch/83dbd1d909bea2b0f4b08a6d4990990249884fc8 - http://hub.darcs.net/maerwald/darcsden-patches/patch/4a2f1532d10d34a0ff692995c0e63549bd184211 - http://hub.darcs.net/maerwald/darcsden-patches/patch/271784710a0e70385d7cf906c1115d201f1f15df
This also removes the "baseUrl" configuration value. Instead the requests are now all relative, so links work protocol-agnostic. This allows us to have both http and https at the same time or only one of them. The user can use the "protocols = [ HTTP, HTTPS ]" config thing then.
Nice! See also #142
Also note that you can achieve the same with a front proxy (e.g. nginx). So the backend server is http only while the front proxy establishes the https thing with the client. But having a front proxy shouldn't be a requirement for deploying darcsden with https support.
Good point. darcs hub does use nginx, so maybe that is that the route I should go for #142 ? I'm guessing nginx will need to use https regardless of whether darcsden does.
Yeah, I've done that with an automatically configured nginx front proxy in a docker container, see: - https://github.com/hasufell/docker-gentoo-darcsden - http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/
Nonetheless, these two patches could already be merged/tested on the dev site: - http://hub.darcs.net/maerwald/darcsden-patches/patch/83dbd1d909bea2b0f4b08a6d4990990249884fc8 - http://hub.darcs.net/maerwald/darcsden-patches/patch/271784710a0e70385d7cf906c1115d201f1f15df
They don't add https support yet, but do some cleanup.
Hard-coding the base url to / is a bit questionable. Maybe the hostname and custom port still work, but it means you can't integrate darcsden in a website at /some/lower/path.
well, even then it should be relative and not absolute
maybe we just set the default to "/" and tell people in the README that it should be a relative path?
Afais there's no proper support for "/some/lower/path" in darcsden anyway. From my tests, it breaks pretty much anything.
- description updated
- added tag experimental