In most cases, I just front my web server with haproxy/caddy to do TLS termination.

I'm happy to do it directly in the Clojure if that means fewer moving parts (as opposed to an external proxy)

In case the observation helps, that external moving part helps you with "slow client" attacks, which are expensive to tackle at the application level

There’s a lib that helps untangle the java bits to get ssl-contexts for various purposes: https://github.com/aphyr/less-awful-ssl

less-awful-ssl is good, but outdated and supports maximum TLSv1.2 IIRC. I've updated the code in less-awful-ssl to support TLSv1.3 when adding mutual TLS support for nREPL. You can see the pull request here: https://github.com/nrepl/nrepl/pull/283/files It's certainly more work than just adding a proxy. Personally I've used nginx when doing TLS proxies. So I'd recommend the "proxy way" as well. Also worth checking out if you don't want your browser complaining when you are visiting your local https port: https://github.com/FiloSottile/mkcert/ How I've used this tool is generating a cert with mkcert, put it in an nginx docker container running with net host locally, then have the nginx forward to the actual http dev server running at e.g. http://localhost:12345. With that, http browser headers can be strict like in production, i.e. you'll have a good dev/prod parity. (Not sure if you are targeting browsers or not though.)

I'm a big fan of mkcert - I use it for all my local development too 🙂

Thanks for the suggestions folks. I'm still tempted to handle things in-app :thinking_face:

From what I can tell :ssl-context should be an instance of .ssl.SSLContext. that in turn can be created/constructed with less-awful-ssl. Some details here: https://github.com/ring-clojure/ring/issues/424 You can also see the nREPL pull request here: https://github.com/nrepl/nrepl/pull/283/files#diff-b7957e0ec76c0b96ff69fcf6a92bc013c0916dad48732b361f956e59446c42daR153-R170 (That namespace also supports smaller and more modern elliptic curve keys. It's just slightly modified from less-awful-ssl.)

Ok that's a good sample, thank you

https://clojurians.slack.com/archives/C06MAR553/p1687373044571629 https://clojurians.slack.com/archives/C06MAR553/p1681211939534299 There are many other entries in that channel if you search for the word "game" there.

there's also the somewhat inactive #C066UV2MV channel

IIRC one of the more enthusiastic use cases for ClojureCLR was a certain game framework?

I expect ClojureDart will change the picture somewhat.

Always worth mentioning in this context: • https://github.com/nasser/magic • https://github.com/arcadia-unity/Arcadia

Those are engines but I'm looking for actual games developed in clojure which are more than tech demos.

Games per-say, not sure. But what always comes to my mind is how the Defold game engine is implemented in Clojure (the UI of it)

Seems like only the editor is written with Clojure and not the engine itself. Ah, that's probably what you meant by "the UI of it", which can be interpreted differently.

Ya, that's what I meant. Engine is in C++

There was once a kicksparter project for this game: https://github.com/Zetawar/zetawar I think it's abondoned now but I found it interesting at the time.

-T:cljfmt should be used instead of -Tcljfmt. But don't know whether that's the culprit.

@U2FRKM4TW you're right! I missed a colon... thanks mate

I got confused with the proper tool install way that

clj -Ttools