search

WordPress / gutenberg

The Block Editor project for WordPress and beyond. Plugin is available from the official repository.
https://wordpress.org/gutenberg/
Other
10.3k stars 4.11k forks source link

Provide SSL support in @wordpress/env #8211

Open tofumatt opened 6 years ago

tofumatt commented 6 years ago

It would be useful to have an SSL option for the development docker image so we can test mixed-content issues and other things. Obviously it will be a self-signed certificate, but it's pretty easy to add SSL support to the image; it doesn't even require a special Dockerfile or anything like that.

tofumatt commented 6 years ago

(For instance, I wanted to check against an SSL-enabled site for #8164, but wasn't able to as right now the local development server only runs an HTTP site.)

gziolo commented 5 years ago

Re-sharing comment from @WraithKenny left in closed PR (https://github.com/WordPress/gutenberg/pull/8212#issuecomment-479205855):

I believe that running the docker-compose COMMAND means that it will generate a self-sign cert each and every time you run up. That means you have to add & trust the cert, or click the "unsafe" link, each time.

Perhaps it'd be better to generate the local cert locally, since it's only valid for your own local system. You can create a root folder to hold openssl certs, and mount them into the proper place (making them persistent). Additionally, we can also make the sites-enabled and mods-enabled files persist the same way.

volumes:
  - ./ssl/ca.crt:/etc/apache2/ssl/ca.crt
  - ./ssl/ca.key:/etc/apache2/ssl/ca.key
  - ./ssl/000-default.conf:/etc/apache2/sites-enabled/000-default.conf
  - ./ssl/ssl.load:/etc/apache2/mods-enabled/ssl.load

This has the advantage of being able to add the cert and trust it once, and be done with it. It also has the benefit of being able to define your own domains, like wordpress.test etc.

Finally and alternatively, it might be worth considering placing the certs into a usr folder, so the cert can be reused for multiple projects, beyond just this project.

AlphaWong commented 4 years ago

I think we can use https://serveo.net/ to achieve it. what do u think ?

coreymckrill commented 3 years ago

My vote would be:

  1. Yes
  2. Added rather than replaced
  3. Maybe just allow the .wp-env.json file to be aware of cert file locations, and let the user handle generating them. Could even add some tips about using devcert in the documentation
iandunn commented 3 years ago

mkcert also works well IMO.

https://github.com/WordPress/wordcamp.org/blob/055fd1a66f036da5211ba489dc80a65e3d3a8081/.docker/readme.md#initial-setup

hadamlenz commented 6 months ago

you can create a cert authority so that all the certs created and destroyed are trusted. you only have to trust the authority https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/