Open sircsaba opened 1 week ago
You can easily get the needed ssl cert for free by using letsencrypt.org. I have my own server as well and have been using them for years. Check it out!
Also, if you don't have a way to setup a webserver for the verification (like, no access to port 80 from outside, as some ISPs will insist on), there are other methods of verification: https://letsencrypt.org/docs/client-options/ I use the DNS method and it works fine.
Just remember that you will need to renew the cert every 3 months unless you setup a mechanism to have it auto-renew. Has any out there tried using a self-signed cert?
I would strongly discourage the use of self-signed certs. It is not easy to install them on a iPhone, and when you switch you have to do it all over again.
You could use something like Traefik to auto-renew your cert via letsencrypt. Here is an docker-compose example:
version: "3.8"
x-logging:
&default-logging
options:
max-size: '10m'
max-file: '5'
driver: json-file
services:
mongo:
image: mongo:4.4
container_name: mongo
volumes:
- /mnt/volume_ams3_02/mongo:/data/db:cached
logging: *default-logging
nightscout:
image: nightscout/cgm-remote-monitor:latest
container_name: nightscout
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.nightscout.rule=Host(`nightscout.<YOUR_DOMAIN>`)'
- 'traefik.http.routers.nightscout.entrypoints=websecure'
- 'traefik.http.routers.nightscout.tls.certresolver=le'
restart: always
depends_on:
- mongo
logging: *default-logging
traefik:
image: traefik:latest
container_name: 'traefik'
command:
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--entrypoints.web.address=:80'
- '--entrypoints.web.http.redirections.entrypoint.to=websecure'
- '--entrypoints.websecure.address=:443'
- "--certificatesresolvers.le.acme.httpchallenge=true"
- "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
- '--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json'
- '--certificatesresolvers.le.acme.email=<EMAIL>'
ports:
- '443:443'
- '80:80'
volumes:
- './letsencrypt:/letsencrypt'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
logging: *default-logging
Can Nightscout be used without HTTPS ? I'm using my personal HTTP nightscout setup ? If not, can it be done somehow ?