Should we add the guidance to put CourseGraph behind a VPN?

openedx / tutor-contrib-coursegraph

Work-in-progress Tutor plugin to enable the Open edX CourseGraph tool

GNU Affero General Public License v3.0

2 stars 4 forks source link

Should we add the guidance to put CourseGraph behind a VPN? #25

Closed kdmccormick closed 2 years ago

kdmccormick commented 2 years ago

This is the strategy edX used -- it found the Neo4j Community Edition's access control (everyone is an admin, no 2FA, no SSO) to be insufficient, so it just disabled Neo4j auth and put the Neo4j server behind an employees-only VPN.

If I were responsible for a CourseGraph instance containing copyrighted course content, I think I'd do the exact same thing.

Is this a reasonable recommendation to make for a Tutor plugin, given that services are proxied through a single Caddy instance?

kdmccormick commented 2 years ago

Asked here: https://discuss.overhang.io/t/putting-a-single-tutor-service-behind-a-vpn-hypothetical/2592

kdmccormick commented 2 years ago

Got some good feedback in that thread ^

PR: https://github.com/openedx/tutor-contrib-coursegraph/pull/31