An idea - if someone wants to set up their own web server (i.e. "self-hosted"), we could provide Docker container images that people could download and run that have Apache or NGINX all pre-configured with the appropriate settings.
This would allow someone to just do something like:
docker pull internetsociety/ose-web-apache
docker run <appropriate flags and commands>
and have a self-hosted server running with the appropriate configuration settings.
It would be a quick way that people could set up their own self-hosted server with all the security / availability settings that we recommend via the OSE documentation.
Note that we could set things up for HTTP/2, TLS, and associated TLS options such as HSTS. Support for IPv6 and DNSSEC would still require external support to configure connections, etc.
I already set up an "organization" for "internetsociety" on Docker Hub, so we have a place to host the images.
There are existing images for Apache (httpd) and NGINX that we could use as a building block:
An idea - if someone wants to set up their own web server (i.e. "self-hosted"), we could provide Docker container images that people could download and run that have Apache or NGINX all pre-configured with the appropriate settings.
This would allow someone to just do something like:
and have a self-hosted server running with the appropriate configuration settings.
It would be a quick way that people could set up their own self-hosted server with all the security / availability settings that we recommend via the OSE documentation.
Note that we could set things up for HTTP/2, TLS, and associated TLS options such as HSTS. Support for IPv6 and DNSSEC would still require external support to configure connections, etc.
I already set up an "organization" for "internetsociety" on Docker Hub, so we have a place to host the images.
There are existing images for Apache (httpd) and NGINX that we could use as a building block:
https://hub.docker.com/_/httpd https://hub.docker.com/_/nginx
So the
Dockerfilefor each OSE image (we would want two, one for Apache, one for NGINX) could just build off of those official images.If we were to do this, we would of course need to commit to keeping the Docker images up-to-date on Docker Hub.