Automatic HTTPS redirect for admin access

[pikausp]

I was not able to find this in the documentation, but is it possible to acquire SSL cert and proxy traffic to 81 out of the box, or do I need to do that manually when I do not want to access the admin panel via HTTP?

[jc21]

What I personally do is use 81 locally at first to create a proxy host for the management interface with ssl enabled. Then I disable docker port forwarding on 81.

[pikausp]

@jc21 that's what I did using SSH tunnel, however, I feel like most people will end up accessing the admin panel insecurely over the internet using HTTP, hence the enhancement proposal.

My take is in 95%+ of the scenarios people want/should use 127.0.0.1:81:81 in the ports section and proxy the admin. What do you think?

[DonavanMartin]

This issue isn't well documented. Most of users will left 81 port insecure.

[bbeckford]

jc21 What I personally do is use 81 locally at first to create a proxy host for the management interface with ssl enabled. Then I disable docker port forwarding on 81.

Hey @jc21 could you share a quick tutorial on how to set this up? I've got the proxy working but I want to turn off port 81 publicly now, just not sure how to do that part :)

[jc21]

It's as easy as creating a proxy host to 127.0.0.1 on port 81 and afterwards, updating the docker-compose.yml file to remove port 81 forwarding.

[hafx]

Hey, @jc21 Thanks for this. Which certificate do you use for ssl in your lan ? (is it self signed certificate ?) I dont want to expose npm web admin on internet.

[phocks]

What I personally do is use 81 locally at first to create a proxy host for the management interface with ssl enabled. Then I disable docker port forwarding on 81.

This is a great idea. Would be good to include in the docs. Cheers!

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: