Hello Jonathan, Jonathan Aquilina [2025-03-11 14:04 +0000]: > On my local machine I would still prefer to run a proper certificate and even > on my home network I have looked into this. > > The issue is automated renewal and auto deployment to the infrastructure > devices from cert bot. > > What could be done is that certbot can download but not deploy the > certificates and then lets say in the config we specify where the LE > certificates get placed /opt/LE for instance and any time they renew cockpit > would just look in that location and have the certificates ready.
You can already do that: Let certbot create the cert in /etc/cockpit/ws-cert.d/ , or put a symlink there to where LE writes its certificate (as that is often shared by multiple consumers). See https://cockpit-project.org/guide/latest/https.html > In terms of authentication has modern forms of authentication been considered > like logging in with SSO or other platforms to login, just like keycloak > offers along side SSO. SSO with FreeIPA or AD have both been supported for a long time: https://cockpit-project.org/guide/latest/sso.html You can also use custom authentication schemas, but this is much more difficult, underdocumented, and there isn't a lot of precendent. That is an area which could use some love. > I am very interested in contributing to this project in any way that I can. Thanks for your interest! > How can someone get started contributing? https://cockpit-project.org/external/wiki/Contributing.html is a good entry point - it has the documentation how to get started with setting up a dev environment, making and testing your first change, how cockpit works, our Matrix channel for asking us (we are there to help!), and for how to make contributions. If anything is unclear on this page, please also let us know, we want to keep it current, useful, and comprehensible. Thanks, Pitti -- _______________________________________________ cockpit-devel mailing list -- cockpit-devel@lists.fedorahosted.org To unsubscribe send an email to cockpit-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/cockpit-devel@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
