Go has some of the best letsencrypt tooling out there, and there was even some support for merging ACME support directly into net/http
https://github.com/golang/go/issues/17053
I've been hosting my website using the https://github.com/diafygi/acme-tiny Python script running along with Nginx on a Raspberry Pi 1 Model B with reverse-proxy caching provided by CloudFlare from my home line for several months now. I have repo where I detail the setup and provide some config files and scripts.
I've been thinking about posting about it to HN but have not submitted it because
(a) Some of it might still be incomplete. Even though my website works perfectly, I don't remember if I've recorded absolutely everything that is needed or not.
(b) I have written a script to obtain the WAN IP from our router rather than using a 3rd party service. This is great for me because it means one less thing to worry about, but it also means that for others who are using different routers, their setup will require adjustments.
(c) Getting any attention on HN is hard. Submitted posts are most likely to gain a few couple upvotes before they quickly drown in the masses.
Anyway, since we were on the subject of other tools to use for Let's Encrypt, I figured I'd bring up acme-tiny, and when I had done so, I might as well mention all of the rest I said above.
I'll be speaking about these various ACME packages for Go at dotGo next month. ACME is a little tricky, and each package has optimal use cases for best results.
Out of interest, is the built-in Go server what everyone uses for hosting their Go websites? I'm used to the typical Nginx / Gunicorn / Python stack and Python's built-in server is used for nothing more than development.
There seem to be slightly fewer Lets Encrypt and ACME implementations than stars in the sky. Which is fantastic. Last week I read about a privsep/chroot/pledge'd (OpenBSD thing) C implementation https://kristaps.bsd.lv/acme-client/ .
`defer` mostly makes sense when there's multiple exit paths (returns) or if there's a chance any of the code panics. Neither is the case in this instance, so just doing it like that is fine. There is also a slight overhead for deferring, as it needs to allocate some memory on the heap
The behavior is different if a panic occurs, isn't it? But is there any chance that this particular initialization code might panic in the first place?
Does any of the code snippets on the godoc site constitute a fully working example? The sheer amount of library stuff I go through on a daily webdev basis makes me dizzy at times!
Your application likely uses more routes, and has other real work to do that won't be as brief as the example. However, the examples do work for me, and seem like a great place to start building up from.
Go has some of the best letsencrypt tooling out there, and there was even some support for merging ACME support directly into net/http https://github.com/golang/go/issues/17053