You put this Charm in front of an http webservice to add https security. It deploys a TLS/SSL/HTTPS termination proxy. All https traffic going to this server will be sent to the webserver as http traffic.
This charm installs an HTTPS reverse proxy. The proxy secures traffic to a webservice in the private network using a Let's Encrypt HTTPS certificate. The proxy can also add basic username/password authentication if the credentials config option is set.
This proxy receives an A+ rating on the Qualis SSL Server Test.
# Deploy your http webservice.
juju deploy jenkins
# Deploy the Proxy.
juju deploy cs:~tengu-team/ssl-termination-proxy
# Expose the proxy.
juju expose ssl-termination-proxy
# Configure your DNS server to point to the ssl-termination-proxy's public ip.
# Let the proxy know what its DNS name is.
# (See https://www.duckdns.org for free DNS names)
juju config ssl-termination-proxy fqdn=www.example.com
# The proxy will now request a certificate from lets encrypt.
# Connect the webservice with the proxy.
juju add-relation jenkins ssl-termination-proxy
# Now you can surf to https://<proxy-public-ip> and you wil reach the webservice.
[Optional] Configure basic auth
juju config ssl-termination-proxy credentials="<username> <password>"
Multiple accounts aren't supported for the moment.
This software was created in the IBCN research group of Ghent University in Belgium. This software is used in Tengu, a project that aims to make experimenting with data frameworks and tools as easy as possible.