HTTPS

[BrandonLMorris]

Encrypt traffic to and from the server with HTTPS. Primarily to hide passwords.

Considerations

• Potentially adds complexity to the deployment process
• Getting a signed certificate
  • Let's Encrypt may be interesting and free

[Mac-Genius]

Done. I'm currently using a Nginx server to act as a simple reverse proxy. This allows us to not need to change the functionality of the Flask server, and Nginx handles all of the HTTPS stuff for us

[BrandonLMorris]

Ok, did you need to make any actual changes to the project, or was setting up HTTPS entirely outside of the codebase?

e.g. Do we need to keep nginx config files in the repo or anything like that? I want to keep deployment somewhat segregated from the core project, I just don't know where that line falls on this.

[Mac-Genius]

No code changes were made to our project, all the setup was made outside of the codebase. I plan on writing up how to deploy the full environment when I finish rewriting the site. We could keep the nginx config files in a separate repo, but they are pretty generic. Ideally we would have some sort of automated deployment scheme.

[Mac-Genius]

I would be interested in using the nginx server to serve all of our static files so that we could remove some of the stress on Flask. We could also use nginx for caching the static files and it would put even less strain on the server.