Homepage uses webhooks to auto-restart the container triggered by a push to the config repo. But if you put Homepage behind mTLS, the webhook is also behind mTLS.
We could create a webhook proxy, webhooks.example.com, that does not use incoming mTLS. It forwards requests it to the homepage webhook, which does require outgoing mTLS. The idea is to have only one public non-mTLS webhook receiver for all apps. you configure it to match request urls to particular destination webhooks.
Homepage uses webhooks to auto-restart the container triggered by a push to the config repo. But if you put Homepage behind mTLS, the webhook is also behind mTLS.
We could create a webhook proxy, webhooks.example.com, that does not use incoming mTLS. It forwards requests it to the homepage webhook, which does require outgoing mTLS. The idea is to have only one public non-mTLS webhook receiver for all apps. you configure it to match request urls to particular destination webhooks.