# HTTPS
If you want to access Atsumeru
server outside of local network, it is strongly recommended to protect requests to it with https
(especially since the main authorization method is Basic
)
Spring Boot (opens new window), which is the heart of server, supports https
out of the box, but you must configure it yourself, and self-signed and Let's Encrypt (opens new window) certificates are not supported
# Reverse Proxy
The best option is to use CloudFlare Reverse Proxy, CloudFlare Tunnel or Caddy
Any of the above methods will require your own domain name with ability to change NS-server
# CloudFlare Reverse Proxy
HTTPS
certificate will be issued for free and automatical
This method only works if you have a static/white IP and with ports 80
, 8080
or 443
. If your server is behind NAT
or you want to use a different port, use CloudFlare Tunnel
- You need to register in CloudFlare (opens new window)
- Click
Add Site
button on the quick access panel - Follow instructions to add and configure your domain
- Open control panel
- Go to
DNS
section - Set up a redirect to the actual server address
It is also possible (and preferable) to enable requests proxying to cache them in CloudFlare
and hide the real IP/address of server
# CloudFlare Tunnel
HTTPS
certificate will be issued for free and automatical
- You need to register in CloudFlare Zero Trust (opens new window)
- Open
Access
section - Open
Tunnel
subsection - Click on
Create a tunnel
and follow instructions to create a tunnel - After tunnel is created and connector is activated, open created tunnel in control panel
- In
Public Hostnames
tab add your domain specifying the IP/address of server and its port
If necessary, in Public Hostnames
tab you can add subdomains for your domain, setting a different IP/server address or port
# Caddy
Caddy (opens new window) supports automatic generation of Let's Encrypt (opens new window) certificates
You need to install Caddy (opens new window)
Configuration examples:
# Caddy (v2):
<your domain> {
reverse_proxy http://<ip/server address>:<port>
}
With HTTPS:
{
[email protected]
http_port 80
https_port 443
}
<your domain> {
reverse_proxy http://<ip/server address>:<port>
}