by Joshua Branson — September 03, 2020
So, when I recently re-configured this website with
guix system and the
nginx service, I set up the site to work just fine with
HTTPS. The difference is that
HTTPS has a little green "this site is secure"
logo in the upper left hand side of your browser.
The tiny baby little problem was that users could happily use the insecure
version of the site, which could promote a man in the middle attack. Luckily
I've been reading up on the
allows me to inform users that my site supports
HTTPS. You can still browse
the site using
HTTP, but most likely your browser will re-direct you to the
You can verify this yourself with the following:
And of course I have to show the configuration for my linode guix server looks something like this:
(service nginx-service-type (nginx-configuration (server-blocks (list (nginx-server-configuration (server-name '("gnucode.me")) (listen '("80" "443 ssl")) (root "/srv/www/html/gnucode.me/site/") ;; tell browsers my site supports HTTPS, and tell them that it will ;; at least work for 1/2 hour. Gradually, I will increase this number. (raw-content (list "add_header Strict-Transport-Security max-age=1800;")) (ssl-certificate "/etc/letsencrypt/live/gnucode.me/fullchain.pem") (ssl-certificate-key "/etc/letsencrypt/live/gnucode.me/privkey.pem") (locations (list (nginx-location-configuration ;certbot (uri "/.well-known") (body (list "root /srv/www;"))))))))))
Guix System makes this kind of thing really easy! You should try it!
Happy Hacking! insert cute emoji here