search

bfabiszewski / ulogger-server

μlogger • web viewer for tracks uploaded with μlogger mobile client
GNU General Public License v3.0
522 stars 85 forks source link

add: ssl for docker container #136

Closed hrehfeld closed 3 years ago

hrehfeld commented 3 years ago

I made some changes so the docker container enables ssl via letscrypt certificates in /etc/letsencrypt/live/<site>/. Certificates are easily retrieved using https://certbot.eff.org/docs/install.html#running-with-docker while mounting /etc/letsencrypt into the local filesystem. Site address is given via ARG, see Dockerfile.

I only tested sqlite so far and I'm not sure how to fix travis -- we would probably need some test certificates/domain...

Certbot command to get certificates:

BASE="certificates"
mkdir -p "$BASE"
sudo docker run -it --rm --name certbot \
            -v "$BASE/etc/letsencrypt:/etc/letsencrypt" \
            -v "$BASE/var/lib/letsencrypt:/var/lib/letsencrypt" \
            certbot/certbot --standalone certonly

Then run the container with corresponding mounts.

bfabiszewski commented 3 years ago

I use docker mainly for automated interface testing. Setting SSL with Let's Encrypt as default setup will make testing unnecessarily complicated. SSL could only be added as an optional feature.

hrehfeld commented 3 years ago

True, but for a real user, ssl is basically a requirement. Do you have suggestions how to make it optional so that your workflow still works easily?

bfabiszewski commented 3 years ago

I think we need a real production docker for it. The current one is only for testing. Maybe it would be better to create a production docker separate to this repo. See the discussion

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.