search

ElasticHQ / elasticsearch-HQ

Monitoring and Management Web Application for ElasticSearch instances and clusters.
http://www.elastichq.org
Other
4.96k stars 528 forks source link

ElasticHQ web interface over HTTPS? #507

Open loganmarchione opened 4 years ago

loganmarchione commented 4 years ago

General information

Issue Description

Maybe I missed this in the documentation, but is there a way to access the ElasticHQ web interface over HTTPS? I saw this, but I think that's for connecting to an Elasticsearch node over SSL, right?

I'm aware I can serve the web interface via a reverse-proxy, but just wondered if it was possible to serve via HTTPS directly from the app.

Source Code / Logs

On my Docker host, I run Let's Encrypt, so I can mount the certs inside the container.

version: '3'
services:
  elastichq:
    container_name: elastichq
    image: elastichq/elasticsearch-hq
    restart: unless-stopped
    environment:
      - HQ_DEFAULT_URL=http://graylog03:9200
      - HQ_ENABLE_SSL=False
    networks:
      - elastichq
    ports:
      - '5000:5000'
    volumes:
      - '/etc/letsencrypt/archive/docker03.internal.mydomain.com:/certs/archive/docker03.internal.mydomain.com:ro'
      - '/etc/letsencrypt/live/docker03.internal.mydomain.com:/certs/live/docker03.internal.mydomain.com:ro'

networks:
  elastichq:

Inside the container, I can see the .pem certs from Let's Encrypt. Is there a way to serve the web interface using these certs?

bash-4.4# ls -la /certs/live/docker03.internal.mydomain.com/
total 28
drwxr-xr-x    2 root     root          4096 Nov 21 13:17 .
drwxr-xr-x    3 root     root          4096 Dec 13 18:51 ..
-rw-r--r--    1 root     root           692 Jul 23 14:40 README
lrwxrwxrwx    1 root     root            60 Nov 21 13:17 cert.pem -> ../../archive/docker03.internal.mydomain.com/cert3.pem
lrwxrwxrwx    1 root     root            61 Nov 21 13:17 chain.pem -> ../../archive/docker03.internal.mydomain.com/chain3.pem
lrwxrwxrwx    1 root     root            65 Nov 21 13:17 fullchain.pem -> ../../archive/docker03.internal.mydomain.com/fullchain3.pem
lrwxrwxrwx    1 root     root            63 Nov 21 13:17 privkey.pem -> ../../archive/docker03.internal.mydomain.com/privkey3.pem