Open phlegx opened 1 year ago
Hi Martin, none of the Pelias components supply basic auth or SSL.
The reason for this is that SSL can be complex, particularly when considering things like no downtime certificate renewal.
If you'd like to secure your Pelias installation it's recommended that you use an SSL appliance in front of your installation, either a proxy server such as NGINX, or a cloud load balancer.
I'm closing this issue as transport layer security, access control and authentication are considered out of scope and better handled at other layers of the stack.
Hello @missinglink
I think they do: It is even in the config file where you can set the protocol as well as also the basic auth. In the default coinfiguration you only see protocol: https://github.com/pelias/config/blob/master/config/defaults.json#L2
I have pelias API atm for example currently running with auth auth": "elastic:xxxxxxx"
and http.
best Martin
Oh yes I misunderstood, you're talking about between the application and elastic not between the application and the user.
All the other codebases use a nodejs elastic client whereas this uses a ruby client.
We'd be happy to accept a PR to bring the two into parity.
+1 Would also appreciate this as my Elasticsearch-Cluster is deployed via operator, which defaults to a Basic-Auth.
Hi there!
As far as I have seen the Dashboard does not support SSL connection to Elasticsearch with a self signed certificate.
Furthermore it seems that also Basic Auth is not supported.
Are there any plans to include these two things? From what I have seen and experienced is that the other Pelias components support all of this.
Best Martin
related https://github.com/pelias/api/issues/1668#issuecomment-1852197244