With @asynchroza we had a small discussion about this but let's make it official.
The good old nginx:
Here we need a couple of things:
nginx.conf, nginx image and certbot in the docker compose.
Nginx would act as a reverse proxy, by re-routing traffic to the different services.
Nginx would act as a web server shipping the bundled version of our website. The tricky part here is the automatic renewal of SSL certs.
How to achieve this:
Certbot has a cron job which automatically renews the certs
The certs need to be reloaded in the nginx config without downtime. This could be done by creating a certbot post-hook which runs nginx -s reload, which will gracefully reload the server's config and the certs will be updated with no downtime.
Caddy
Can act as a reverse proxy and a web server. Automatically updates and takes care of SSL certs, I guess again without downtime. Haven't used it, more research is needed here.
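For the nginx option above, a sketch of the reload hook as an added example (not code from this thread or the project). It is written as a certbot deploy hook rather than a post-hook, because certbot runs deploy hooks only after a successful renewal and exports `RENEWED_LINEAGE` to them. Assumptions: the function names and the one-day minimum validity are hypothetical, and the hook runs somewhere both the renewed files and the `nginx` binary are reachable.

```shell
#!/bin/sh
# Added example: certbot deploy hook that reloads nginx only when it is safe.
# Assumption: runs where the renewed cert files and the nginx binary are both
# reachable (same container or host). Function names are hypothetical.

# Return 0 if the certificate in $1 stays valid for at least $2 more seconds.
cert_is_fresh() {
    openssl x509 -checkend "$2" -noout -in "$1" >/dev/null 2>&1
}

# Validate the renewed lineage and the nginx config, then reload gracefully.
# Prints a one-word status; returns non-zero when the reload is refused.
safe_reload() {
    lineage=$1
    min_validity=${2:-86400}   # constructed default: one day

    if [ ! -r "$lineage/fullchain.pem" ] || [ ! -r "$lineage/privkey.pem" ]; then
        echo "missing"; return 2
    fi
    if ! cert_is_fresh "$lineage/fullchain.pem" "$min_validity"; then
        echo "stale"; return 3
    fi
    # nginx -t parses the whole config, including the ssl_certificate files,
    # so a broken cert/key pair is caught before the running server is touched.
    if ! nginx -t >/dev/null 2>&1; then
        echo "badconfig"; return 4
    fi
    # Graceful reload: the master re-reads config and certs, old workers drain.
    nginx -s reload || { echo "reloadfailed"; return 5; }
    echo "reloaded"
}

# Only act when certbot invoked this script as a deploy hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    safe_reload "$RENEWED_LINEAGE"
fi
```

A non-zero exit from the hook shows up in certbot's log, so a refused reload is visible instead of nginx silently continuing to serve the old certificate.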