Closed hristog closed 4 years ago
Hi Hristog, I need to remind myself how exactly I set everything up, this repo was never meant for as general use as boinc-server-docker (I'm happy to help further though, although I am curious why you want to run this vs. the generic boinc-server-docker?)
But what I can tell you is that in production, what I do is simply log in to C@H server and run certbot
from inside the apache container to set up SSL via letsencrypt. You can see letsencrypt
is a volume which is mounted, so the cetificates all get stored there and also survive any restarts of the containers. Also certbot
is installed in the apache container here, so you could copy that e.g. for your custom project built from the boinc-server-docker containers.
(I'm happy to help further though, although I am curious why you want to run this vs. the generic boinc-server-docker?)
I'm new to BOINC development (although I had SETI@Home running back in 2011 for a while) and want to understand better the workings of a real-world project, like Cosmology@Home.
I like your boinc-server-docker
approach very much, and my intention has been to complement my understanding of how the various components communicate via getting a local version of Cosmology@Home running. I've got other BOINC open source projects on my list to study, but chose Cosmology@Home as a starting point, because the technologies used within the project seem to be closest to my own skills and experience.
Your second paragraph does answer my question. Thanks for offering to help further, though! At the current stage, I wouldn't want to bother you more about this, as I still need to do my homework properly and play around with a few more codebases besides yours.
I'm closing the issue. Thanks for your time :)
Hello,
I'd like to preface my question with the fact that I do realize that the problem probably has to do with my local setup (including some implicitly implied step for securing SSL access attempts to
localhost
via a self-signed certificate or something along similar lines) rather than something intrinsically wrong with the repository.Problem:
Steps to reproduce:
I've added
localhost www.cosmologyathome.org
to my/etc/hosts
file. Then, accessing http://www.cosmologyathome.org and http://localhost does work, while accessing https://www.cosmologyathome.org and https://localhost doesn't. Additionally, I'm unable to add the project via BOINC Manager either:I've also attempted introducing self-signed certificates via following the intrructons from the following articles:
I've tried to do this both locally and from inside the running Apache container (the spun up ran via
docker-compose up
), followed by restarting of the Apache service in the latter case, but neither approach has worked.Could you, please, provide some directions for attempting to fix this?
Thanks very much for your time!
Update: Wanted to add, for completeness, that I was able to get
boinc-server-docker
running successfully, without experiencing the same HTTPS issues. I think that there's some difference in how the projects are configured (haven't been able to disable HTTPS, and access the login pages etc, for the sake of experimentation, yet though; I can see that the project config xml - as accessed viaget_project_config.php
- of Cosmology@Home does have a<web_rpc_url_base>https://www.cosmologyathome.org/</web_rpc_url_base>
line, whereas theboinc-server-docker
project differs in this regard), but I'm not sure, whether removing HTTPS support would be a good idea, instead of enabling it to work properly.Update 2: I've commented out the
define("SECURE_URL_BASE",str_replace("http","https",$master_url))
line fromhtml/project/project.inc
and currently testing to see if this change has had any effect. However, I do believe that such kind of a workaround would only be acceptable for a dev environment, and I would appreciate if you could, please, direct me towards a proper solution which has SSL enabled and honored properly.Update 3: The change has effectively worked as expected. Now trying to figure out how to implement the proper solution with SSL support.