1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# Using stunnel with Fossil on Windows
While there are many ways to configure Fossil as a server using various web
servers (Apache, IIS, nginx, etc.), this document will focus on setting up a
minimal Fossil server using only Fossil's native [server
capabilities](server.wiki#standalone) and [stunnel](https://www.stunnel.org/)
to provide a TLS proxy. It is recommended for public repositories to go to the
extra step of configuring stunnel to provide a proper HTTPS setup.
## Assumptions
1. You have Administrative access to a Windows 2012r2 or above server.
2. You have PowerShell 5.1 or above installed.
3. You have acquired a certificate either from a Public CA or an Internal CA.
These instructions were tested with Fossil 2.10 and stunnel 5.55. Other
versions may not function in a similar manner. There is a bug in Fossil 2.9 and
earlier that prevents these versions of Fossil from properly constructing https
URLs when used with stunnel as a proxy. Please make sure you are using Fossil
2.10 or later on Windows.
## Configure Fossil Service for https
Following most of [Fossil as a Windows Service](service.md), you will need
to change the command to install the Fossil Service to configure it properly for
use with stunnel as an https proxy. Run the following instead:
```PowerShell
New-Service -Name fossil-secure -DisplayName fossil-secure -BinaryPathName '"C:\Program Files (x86)\FossilSCM\fossil.exe"
server --localhost --port 9000 --https --repolist "D:/Path/to/Repos"' -StartupType Automatic
|
|
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# Using stunnel with Fossil on Windows
While there are many ways to configure Fossil as a server using various web
servers (Apache, IIS, nginx, etc.), this document will focus on setting up a
minimal Fossil server using only Fossil's native [server
capabilities](../any/none.md) and [stunnel](https://www.stunnel.org/)
to provide a TLS proxy. It is recommended for public repositories to go to the
extra step of configuring stunnel to provide a proper HTTPS setup.
## Assumptions
1. You have Administrative access to a Windows 2012r2 or above server.
2. You have PowerShell 5.1 or above installed.
3. You have acquired a certificate either from a Public CA or an Internal CA.
These instructions were tested with Fossil 2.10 and stunnel 5.55. Other
versions may not function in a similar manner. There is a bug in Fossil 2.9 and
earlier that prevents these versions of Fossil from properly constructing https
URLs when used with stunnel as a proxy. Please make sure you are using Fossil
2.10 or later on Windows.
## Configure Fossil Service for https
Following most of [Fossil as a Windows Service](./service.md), you will need
to change the command to install the Fossil Service to configure it properly for
use with stunnel as an https proxy. Run the following instead:
```PowerShell
New-Service -Name fossil-secure -DisplayName fossil-secure -BinaryPathName '"C:\Program Files (x86)\FossilSCM\fossil.exe"
server --localhost --port 9000 --https --repolist "D:/Path/to/Repos"' -StartupType Automatic
|