-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
> So I can spend some time preparing this DNS configuration and then writing simple cronjob to fetch certificate every day and restart apache.
> That would be vastly superior to current certbot horror and as secure.
Have you looked at Apache's mod_md, which allows you to integrate with ACME providers without certbot?
Here's the documentation, it's available since Apache 2.4.30: https://httpd.apache.org/docs/2.4/mod/mod_md.html
I actually wrote a blog post about using Apache for that and other things, and moved my personal workloads over to it (still using Nginx and other servers at work): https://blog.kronis.dev/tutorials/how-and-why-to-use-apache-...
In short, in addition to having lots of useful modules, Apache has recently gotten the aforementioned ACME functionality, which makes it a bit more easy to use, like how web servers like Caddy also have "automatic HTTPS" functionality: https://caddyserver.com/
I'm yet to find a good self-hosted WAF solution, since mod_security doesn't seem popular or documented enough, even though it is better than nothing.
https://go-acme.github.io/lego/
Once you have Cloudflare (or one of many other options) set up it works as easily as you describe. And no port 80 open or special snowflake reverse proxy rules.
Related posts
-
Manjaro let their SSL cert expire. Again.
-
What approach would you Recommend I take to set up https in a node app?
-
Show HN: Anchor – developer-friendly private CAs for internal TLS
-
Caddy is the first and only web server to use HTTPS automatically and by default
-
I am once again asking that "web" and "fullstack" developers...