tbenbow
commented
11 months ago I started working on this in the branch "feat/ngrok". This branch has an updated docker-compose.yml file and ngrok configuration file. This will create two ngrok tunnels. One for the client app and one for the API.
This should be considered a work in progress though. We have a few tasks before this can be used to access the app remotely.
-
Make the clients reference to the api url dynamic so it can be configured to point to the ngrok api tunnel url when making requests from an ngrok tunneled version of the app.
-
Password protect the react client using htpasswd.
-
Password protect the api using express-basic-auth.
4.Store the NGROK auth token and other passwords in environment variables.
These 4 items should be all it takes but we should think about any other potential security holes we might have. Some of our data is stored on the server in JSON, can this be accessed directly without using the API?
Endstate: when we run docker compose, ngrok automatically connects to an associated ngrok configuration using a provided key
We want to create a tunnel to port 3000 on start.
In client docker: