From 944407621f313c15f6cfd53267da1ddbdaceec9f Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 28 Jun 2017 17:19:46 +0200 Subject: webserver: allow listening to multiple addresses. (Useful when dual-stack IPv4/IPv6 is not supported.) Also, change the default to listen to a UNIX-domain socket . Moreover temporary iptables rules are no longer installed. Hosts without a public HTTP daemon listening on port 80 need to set the 'listen' option to [::] and/or 0.0.0.0, and possibly set the 'iptables' option to Yes. --- Changelog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'Changelog') diff --git a/Changelog b/Changelog index b23191f..fdb0775 100644 --- a/Changelog +++ b/Changelog @@ -3,6 +3,13 @@ lacme (0.3) upstream; + When parsing config-cert files and directories (default "lacme-certs.conf lacme-certs.conf.d"), import the default section of files read earlier. + new-cert: create certificate files atomically. + + webserver: allow listening to multiple addresses (useful when + dual-stack IPv4/IPv6 is not supported). Listen to a UNIX-domain + socket by default . + + webserver: don't install temporary iptables by default. Hosts + without a public HTTP daemon listening on port 80 need to set the + 'listen' option to [::] and/or 0.0.0.0, and possibly set the + 'iptables' option to Yes. - Ensure lacme's config file descriptor is not passed to the accountd or webserver components. - new-cert: sort section names if not passed explicitely. -- cgit v1.2.3