commit 66c839dcb595de203c3a11e8d1ff51b99a868aaa Author: David Fifield david@bamsoftware.com Date: Sat Sep 16 11:58:23 2017 -0700
Update meek-server/README for Let's Encrypt support.
Remove instructions for configuring without HTTPS. --- meek-server/README | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/meek-server/README b/meek-server/README index 40bc3fe..867816c 100644 --- a/meek-server/README +++ b/meek-server/README @@ -1,17 +1,27 @@ # How to run a meek-server (meek bridge):
+You need a server with a DNS name pointing to it. +You need to be able to run a service on port 443. + +Let's say the server's DNS name is meek.example.com. + - Compile the program using 'go build'.
-- Update your torrc file. There's a sample on /meek-server/torrc. + cd meek-server + go build + +- Install meek-server under /usr/local/bin and give it permission to bind to port 443. + + cp meek-server /usr/local/bin + setcap 'cap_net_bind_service=+ep' /usr/local/bin/meek-server
- NOTE: if you want to run your bridge on two different ports (HTTP and HTTPS), use something like this: +- Add a line to your torrc file. Replace "meek.example.com" with your server's DNS name and "admin@meek.example.com" with your email address.
- ServerTransportPlugin meek exec /usr/local/bin/meek-server --port 7002 --disable-tls --log /var/log/tor/meek-server.log - ServerTransportPlugin meek exec /usr/local/bin/meek-server --port 7443 --cert /etc/meek/cert.pem --key /etc/meek/key.pem --log /var/log/tor/meek-server-https.log + ServerTransportPlugin meek exec /usr/local/bin/meek-server --acme-hostnames meek.example.com --acme-email admin@meek.example.com --log /var/log/tor/meek-server.log
-- To test your bridge on the clinet side, you can add a line like this to your torrc: +- To test your bridge on the client side, you can add a line like this to your torrc:
- Bridge meek 0.0.2.0:1 url=https://my-bridge.example.com:7443/ + Bridge meek 0.0.2.0:1 url=https://meek.example.com/
# Important Note: