mlilien
commented
4 years ago what is the impact for the elbb-dev-environment? why would i use elbb-dev-environment in a production env? how can let's encrypt help? I need a domain for my development environment then, right?
The docker registry in the local dev environment should be secure. This is needed for bb-balena-microservices where the balena-cli starts a unique docker daemon. Unless configured securely this docker daemon always needs to define the local dev registry as insecure. Problem is, that this is a requirement only for local dev environment but not for prod. Even if a self signed certificate is used the balena-cli container must trust this certificate.
Proposal: Use let's encrypt with auto renewal on docker registry to make it safe without the need to maintain the renewal of certificates.