search

Police-Data-Accessibility-Project / meta

Planning our activities with issues that don't fit in a specific repository yet.
GNU General Public License v3.0
693 stars 58 forks source link

SSL for automation manager #221

Closed josh-chamberlain closed 2 months ago

josh-chamberlain commented 5 months ago

Context

we're using Jenkins deployed to automation.pdap.io, but it's not https. in the past we've used DO's app platform, which handles this automatically.

Requirements

it seems like it's best to generate a certificate using something like certbot, turn it into a js keystore, then configure Jenkins with that.

I got to the point where I was making certbot commands in the droplet console, but I try not to enter commands I don't understand outside my own terminal...would rather not mess anything up. Let me know if you need my digital ocean authority to support this.

maxachis commented 5 months ago

Begun working on this. pdap.automation.io now redirects to a new droplet that has SSL. It was ultimately easier for me to just start a new droplet rather than try to integrate it into our existing setup and risk something breaking. The existing setup still exists and can be accessed by the IP address.

I intend for that droplet to also incorporate some other changes discussed in #223: Namely, the use of docker containers and ensuring that setup doesn't require root access and can be done automatically from Jenkins. I'm doing this now rather than later because it's comparatively safe to try this in a separate droplet and, if my hunch is correct, it will save us time in the long run.

TODO

maxachis commented 2 months ago

SSL has been incorporated, and so this can now be closed!