NOTE: this guide is for HTTPS only! Other configurations may require a more bespoke setup depending on the service. Please consult the service documentation or the Start9 Community for help with non-HTTPS applications
The following command will register your device with an ACME certificate provider, such as letsencrypt
This only needs to be done once.
start-cli net acme init --provider=letsencrypt --contact="mailto:[email protected]"
providercan beletsencrypt,letsencrypt-staging(useful if you're doing a lot of testing and want to avoid being rate limited), or the url of any provider that supports the RFC8555 ACME apicontactcan be any valid contact url, typicallymailto:urls. it can be specified multiple times to set multiple contacts
The following command will tell the OS to use ACME certificates instead of system signed ones for the provided url. In this example, testing.drbonez.dev
This must be done for every domain you wish to host on clearnet.
start-cli net acme domain add "testing.drbonez.dev"
Go into your router settings, and map port 443 on your router to port 5443 on your start-os device. This one port should cover most use cases
The following command will tell the OS to route https requests from the WAN to the provided hostname to the specified service. In this example, we are adding testing.drbonez.dev to the host ui-multi on the package hello-world. To see a list of available host IDs for a given package, run start-cli package host <PACKAGE> list
This must be done for every domain you wish to host on clearnet.
start-cli package host hello-world address ui-multi add testing.drbonez.dev