search

karlicoss / cloudmacs

Selfhost your Emacs and access it in browser
https://beepb00p.xyz/cloudmacs.html
GNU General Public License v3.0
509 stars 27 forks source link

Secure? #5

Closed grauschnabel closed 3 years ago

grauschnabel commented 3 years ago

Hi there,

This worked for me out of the box, but what is the recommend way to secure that config? Now everyone knows my link can read all my files. (So i shut down the service.) What are you doing?

Thanks, Martin

karlicoss commented 3 years ago

Hi! Glad it worked for you!

I actually haven't run it for a while (since covid, don't spend as much time away from home) + switched to Doom Emacs now. But anyway, if you use reverse proxy (instructions), then you can set up basic auth, it's essentially a password. Another more sophisticated option would be to set up a certificate auth, then you can install the certificate only on the browsers you trust (it works sort of like SSH key).

grauschnabel commented 3 years ago

Thanks for that fast answer.

What you trying me to say is that cloudmax itself doesn't support that, but there are different ways to hide cloudmax behind the webserver (i prefer nginx so far, men know that apache should workt too), and use the secure mechanism from there?

Thanks!

(I'm closing this, but you can reopen it if I'm wrong.)

karlicoss commented 3 years ago

Yep, correct! It would be much more secure to rely on the web server like Nginx, than to reimplement it from scratch!