acme.sh
dapr
Our great sponsors
acme.sh | dapr | |
---|---|---|
276 | 76 | |
36,065 | 23,175 | |
2.5% | 1.4% | |
8.8 | 9.7 | |
1 day ago | about 13 hours ago | |
Shell | Go | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
acme.sh
-
Why Certificate Lifecycle Automation Matters
Huh, the environment variable thing was specifically aimed at acme.sh which rather arbitrarily changed the config value from ACMEDNS_UPDATE_URL to ACMEDNS_BASE_URL, never acknowledged this in a changelog and then silently failed after an automatic upgrade as recommended by the default install:
https://github.com/acmesh-official/acme.sh/commit/2ce145f359...
It's also cleared out my .account.conf files when run on the suggested cron.
I've started using updown which also monitors my TLS certs simply because I no longer trust the process to work as documented.
-
The Bureau of Meteorology website does not support connections via HTTPS
It depends on your provider though. I can tell from experience that with OVH and their API, it's been easy to set up the automatic renewal via DNS verification. Apparently, the official client has support for the DNS API of 159 providers: https://github.com/acmesh-official/acme.sh/wiki/dnsapi
-
I made a tool for automatically updating the current and next (rollover) TLSA DNS records with acme.sh and the Cloudflare API
For the few people here that happen to run a self-hosted email server with acme.sh for TLS key/cert generation and Cloudflare for DNS management, I have made a tool that i personally use to get a perfect 100% score on Internet.nl's email test.
-
IT Pro Tuesday #276 - Cert Automation, Packet Analysis, Vim Cheatsheet & More
acme.sh is a lightweight Unix shell script for automatic issuance and renewal of free certificates in a Unix environment. It's compatible with Bash, dash, and sh; Docker/IPv6 ready; requires no external dependencies; and can issue, renew, and install certificates without the need for root or sudoer access. Thanks for this recommendation go to blitznogger.
-
Cannot install with mack-a's v2ray-agent script
Error troubleshooting: 1.Failed to obtain Github files, please wait for Github to recover and try, the recovery progress can be viewed at [https://www.githubstatus.com/] There is a bug in the 2.acme.sh script, see [https://github.com/acmesh-official/acme.sh] issues
My vps is located in Japan so there shouldn't be any trouble grabbing files from github and such but it obviously timed out every time the script tried to grab acme.sh's repository. Has anyone tried this script lately with success?
-
HAProxy is not affected by the HTTP/2 Rapid Reset Attack (CVE-2023-44487)
you may wish to use certbot instead:
-
Caddy is the first and only web server to use HTTPS automatically and by default
like https://github.com/acmesh-official/acme.sh/wiki/Stateless-Mo...
If DNS-01 is not an option or to complicated, this saves you from exposing a host to the internet for no good reason.
-
Where do you get/setup certificates from for your https/ssl?
Caddy where possible, and acme.sh or lego where not.
-
Internal Server Error when proxy host directs to router
The SSL certificate for my wildcard domain is currently managed by the acme.sh script running as a Docker container until the issue with NPM and Azure DNS certificate management is resolved.
dapr
-
Comparing Azure Functions vs Dapr on Azure Container Apps
Azure Container Apps hosting of Azure Functions is a way to host Azure Functions directly in Container Apps - additionally to App Service with and without containers. This offering also adds some Container Apps built-in capabilities like the Dapr microservices framework which would allow for mixing microservices workloads on the same environment with Functions.
-
Episode 150: myNewsWrap – SAP and Microsoft
Having containers is nice but everything (well ... nearly everything 😉) gets better with Dapr as an outstanding tool for app development in the container-based area. Here we go what might be worth a look:
-
Ensuring Seamless Operations: Troubleshooting and Resolving Dapr Certificate Expiry
A CNCF project, the Distributed Application Runtime (Dapr) provides APIs that simplify microservice connectivity. Whether your communication pattern is service to service invocation or pub/sub messaging, Dapr helps you write resilient and secured microservices. Essentially, it provides a new way to build microservices by using the reusable blocks implemented as sidecars.
I had no overview of the Dapr system which caused me a lot of time in trying to get to the root cause. So first thing I did was to create a nice dashboard where we can have an overview of our Dapr services and their certificates. I started from the official one from Grafana for this. But the dashboard is a bit outdated so I had some issues with the queries, so I did some changes and you can find the JSON of the dashboard below if it helps anyone.
-
Modular Architecture Design question | Re-using modules in multiple applications
I would like to build modules, either in a modular monolith style, or in a microservice style using DAPR and/or Tye.
-
Ask HN: Modern Node.js Request Fault Tolerance Library?
Just heard about Dapr last week. Might be more than what you are asking, though but it’s probably worth a look.
-
Creating a Dapr pluggable component for Supabase
From my perspective, I’d like to explore further how Dapr can integrate with other Supabase features. It would also be great to see a Supabase state store as a built-in component that’s available in the Dapr runtime without the need of running the pluggable component separately. I also hope the proposed DocumentStore building block will get some traction this year, since this will pair up very nicely with Supabase and other PostgreSQL stores.
-
Kv.js
Could you use Kubernetes to solve this? Have a single pod running the Redis instance and then multiple running Node.js talking to the Redis instance via something like DAPR (https://dapr.io/)
-
Anything close beam/otp for other languages?
Dapr is also building a workflow orchestrator into their microservice system. It's almost in Beta, and when you combine it with Dapr's Virtual Actors, it looks powerful. It will also let you integrate a workflow engine like Temporal, too. https://dapr.io/
-
(April) - Monthly Shameless Plug
This fantastic blog from Mauricio (Salaboy) Salatino shows how tools like Kratix (kratix.io) and Dapr (dapr.io) can help streamline golden paths: https://blog.dapr.io/posts/2023/04/02/creating-dapr-enabled-platforms-with-kratix/
What are some alternatives?
MassTransit - Distributed Application Framework for .NET
letsencrypt - Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
dehydrated - letsencrypt/acme client implemented as a shell-script – just add water
camel-k - Apache Camel K is a lightweight integration platform, born on Kubernetes, with serverless superpowers
tye - Tye is a tool that makes developing, testing, and deploying microservices and distributed applications easier. Project Tye includes a local orchestrator to make developing microservices easier and the ability to deploy microservices to Kubernetes with minimal configuration.
OpenFaaS - OpenFaaS - Serverless Functions Made Simple
lego - Let's Encrypt/ACME client and library written in Go
pterodactyl-installer - :bird: Unofficial installation scripts for Pterodactyl Panel
Nomad - Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
NServiceBus - Build, version, and monitor better microservices with the most powerful service platform for .NET
go-micro - A Go microservices framework