From 8f16ae8db5677d2c9d5d11299888a05e3d841efe Mon Sep 17 00:00:00 2001 From: flaviostutz Date: Tue, 11 Aug 2020 14:29:02 -0300 Subject: [PATCH 1/3] adding more info on disable_redirects consequences --- src/docs/markdown/caddyfile/options.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/docs/markdown/caddyfile/options.md b/src/docs/markdown/caddyfile/options.md index a74b6f9..c638548 100644 --- a/src/docs/markdown/caddyfile/options.md +++ b/src/docs/markdown/caddyfile/options.md @@ -60,4 +60,4 @@ Possible options are: - **interval** and **burst** allows `` certificate operations within `` interval. - **local_certs** causes all certificates to be issued internally by default, rather than through a (public) ACME CA such as Let's Encrypt. This is useful in development environments. - **key_type** specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it. -- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). +- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). If you choose `disable_redirects` port :80 won't be open unless a rule explicitelly listens to it on ingress. From 93e442150bea16eecc6e35f60d545a0cf4bb1677 Mon Sep 17 00:00:00 2001 From: flaviostutz Date: Tue, 11 Aug 2020 14:36:09 -0300 Subject: [PATCH 2/3] adding 'off' case --- src/docs/markdown/caddyfile/options.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/docs/markdown/caddyfile/options.md b/src/docs/markdown/caddyfile/options.md index c638548..01989e7 100644 --- a/src/docs/markdown/caddyfile/options.md +++ b/src/docs/markdown/caddyfile/options.md @@ -60,4 +60,4 @@ Possible options are: - **interval** and **burst** allows `` certificate operations within `` interval. - **local_certs** causes all certificates to be issued internally by default, rather than through a (public) ACME CA such as Let's Encrypt. This is useful in development environments. - **key_type** specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it. -- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). If you choose `disable_redirects` port :80 won't be open unless a rule explicitelly listens to it on ingress. +- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). If you choose `disable_redirects` or `off`, port :80 won't be open unless a rule explicitelly listens to it on ingress, for example, with `mysite.org:80`. From 8604b46190ecfab306f839423badde8910a704c4 Mon Sep 17 00:00:00 2001 From: flaviostutz Date: Tue, 11 Aug 2020 14:40:17 -0300 Subject: [PATCH 3/3] adding info on disable_redirects --- src/docs/markdown/caddyfile/options.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/docs/markdown/caddyfile/options.md b/src/docs/markdown/caddyfile/options.md index 01989e7..c7855f5 100644 --- a/src/docs/markdown/caddyfile/options.md +++ b/src/docs/markdown/caddyfile/options.md @@ -60,4 +60,4 @@ Possible options are: - **interval** and **burst** allows `` certificate operations within `` interval. - **local_certs** causes all certificates to be issued internally by default, rather than through a (public) ACME CA such as Let's Encrypt. This is useful in development environments. - **key_type** specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it. -- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). If you choose `disable_redirects` or `off`, port :80 won't be open unless a rule explicitelly listens to it on ingress, for example, with `mysite.org:80`. +- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). Be aware that if you choose `disable_redirects` or `off`, port :80 won't be open unless a rule explicitelly listens to it on ingress, for example, with `mysite.org:80`.