frp
frp copied to clipboard
autocert support
Describe the feature request
A public facing https port needs a cert. It would be nice if the cert could automatically be obtained from letsencrypt.
Describe alternatives you've considered
I guess one could use caddy as another proxy in front - but that is less than ideal. It would be better to integrate
https://go-acme.github.io/lego/usage/library/
Affected area
- [X] Docs
- [ ] Installation
- [ ] Performance and Scalability
- [ ] Security
- [ ] User Experience
- [X] Test and Release
- [ ] Developer Infrastructure
- [X] Client Plugin
- [X] Server Plugin
- [X] Extensions
- [ ] Others
Can you describe more about your configures?
Let's say I have a http service on the LAN and I want to expose that via https on the a public machine.
I guess one could use frp
to create a tunnel and then use e.g. caddy
as a reverse proxy to that. Or maybe use cert-manager
in DNS mode to obtain letsencrypt certs. Both not ideal.
It seems frp
already supports TLS - so why not support getting the cert via acme directly?
That makes sense.
I plan to support it in frp v2. Usage of HTTPS will be refactored future.
If it's easy to implement, i will add this in current release.
In case one wanted to adopt implementation strategies from other approaches, there is boringproxy.io, which reuses caddyserver/certmagic for the task.