20 lines
929 B
Markdown
20 lines
929 B
Markdown
The most straightforward way to add TLS on top of SilverBulet is to use use [Caddy](https://caddyserver.com/). Caddy can automatically provision an SSL certificate for you.
|
||
|
||
When you’re deploying on a public server accessible to the Internet, you can do this as follows:
|
||
|
||
```shell
|
||
$ sudo caddy reverse-proxy --to :3000 --from yourdomain.com:443
|
||
```
|
||
|
||
If you’re deploying on a local network and access your server via a VPN, this is a bit more tricky. The recommended setup here is to use [Tailscale](https://tailscale.com/) which now [supports TLS certificates for your VPN servers](https://tailscale.com/kb/1153/enabling-https/). Once you have this enabled, get a certificate via:
|
||
|
||
```shell
|
||
$ tailscale cert yourserver.yourtsdomain.ts.net
|
||
```
|
||
|
||
Caddy can automatically find these certificates once provisioned, so you can just run:
|
||
|
||
```shell
|
||
$ sudo caddy reverse-proxy --to :3000 --from yourserver.yourtsdomain.ts.net:443
|
||
```
|