search

LoopKit / Loop

An automated insulin delivery app for iOS, built on LoopKit
https://loopdocs.org
Other
1.44k stars 1.27k forks source link

HTTP with Nightscout ? #2181

Open sircsaba opened 1 week ago

sircsaba commented 1 week ago

Can Nightscout be used without HTTPS ? I'm using my personal HTTP nightscout setup ? If not, can it be done somehow ?

rajid commented 1 week ago

You can easily get the needed ssl cert for free by using letsencrypt.org. I have my own server as well and have been using them for years. Check it out!

Also, if you don't have a way to setup a webserver for the verification (like, no access to port 80 from outside, as some ISPs will insist on), there are other methods of verification: https://letsencrypt.org/docs/client-options/ I use the DNS method and it works fine.

rolandet commented 1 week ago

Just remember that you will need to renew the cert every 3 months unless you setup a mechanism to have it auto-renew. Has any out there tried using a self-signed cert?

bastiaanv commented 1 day ago

I would strongly discourage the use of self-signed certs. It is not easy to install them on a iPhone, and when you switch you have to do it all over again.

You could use something like Traefik to auto-renew your cert via letsencrypt. Here is an docker-compose example:

version: "3.8"

x-logging:
  &default-logging
  options:
    max-size: '10m'
    max-file: '5'
  driver: json-file

services:
  mongo:
    image: mongo:4.4
    container_name: mongo
    volumes:
      - /mnt/volume_ams3_02/mongo:/data/db:cached
    logging: *default-logging

  nightscout:
    image: nightscout/cgm-remote-monitor:latest
    container_name: nightscout
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.nightscout.rule=Host(`nightscout.<YOUR_DOMAIN>`)'
      - 'traefik.http.routers.nightscout.entrypoints=websecure'
      - 'traefik.http.routers.nightscout.tls.certresolver=le'
    restart: always
    depends_on:
      - mongo
    logging: *default-logging

  traefik:
    image: traefik:latest
    container_name: 'traefik'
    command:
      - '--providers.docker=true'
      - '--providers.docker.exposedbydefault=false'
      - '--entrypoints.web.address=:80'
      - '--entrypoints.web.http.redirections.entrypoint.to=websecure'
      - '--entrypoints.websecure.address=:443'
      - "--certificatesresolvers.le.acme.httpchallenge=true"
      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
      - '--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json'
      - '--certificatesresolvers.le.acme.email=<EMAIL>'
    ports:
      - '443:443'
      - '80:80'
    volumes:
      - './letsencrypt:/letsencrypt'
      - '/var/run/docker.sock:/var/run/docker.sock:ro'
    logging: *default-logging