Closed joshwcomeau closed 6 years ago
Hm, I don't think you want to go with a self-signed certificate, otherwise everybody would have to add a security exception before they can request the analytics?
Hm, I don't think you want to go with a self-signed certificate, otherwise everybody would have to add a security exception before they can request the analytics?
Ah, hm. You're probably right. I was imagining that it would show a warning if you were to visit the page, but that a fetch()
would still work.
I can generate a cert with LetsEncrypt's certbot pretty simply, do you have any suggestions for how micro-analytics could consume it?
You're probably better served by just putting a proxy with a SSL cert in front?
I agree with @mxstbr that a proxy like nginx would be a good option for this. We have some pointers for setting up nginx in docs/server-setup.md, but it lacks info about ssl. Maybe we should add a note about that?
@joshwcomeau Is there anything that hinders you from using a proxy?
Ah, right! That should be pretty straightforward. I think once you know how to set up nginx, adding SSL support is a pretty small jump.
I think the reason this wasn't immediately intuitive to me is because the node app is abstracted from the user using the CLI. For some reason, it hadn't occurred to me that I could just treat it as any of my other node apps.
I think this is likely just momentary forgetfulness on my part, though, and not a generalized problem. I don't really think anything needs to be changed with the docs... if anything, just a link to the DigitalOcean docs on setting up nginx with lets-encrypt would suffice :)
Gonna close, since the issue is resolved IMO :) thanks for the quick feedback!
Hi friends! Thanks again for the wonderful project.
I realized that when trying to
fetch()
the analytics for a page on HTTPS, it fails, since themicro-analytics
server is HTTP, so Chrome rejects the fetch because it's an "insecure resource".Looks like
micro
can be set up with HTTPS pretty simply. There's an example here.I'm considering forking this project to implement it, but I first wanted to check if there wasn't a simpler way to do this that I was overlooking? Has anyone else implemented this for an HTTPS page?
Thanks!