viper0131 / check_mk

Check_MK docker version
21 stars 20 forks source link

Enable/provide instructions for enabling HTTPS/SSL #16

Closed innowintay closed 6 years ago

innowintay commented 6 years ago

This image is extremely useful as it is, and I thank you for that, but I cannot figure out how to implement SSL with it. I've tried several methods:

  1. Using a bind mount to mount my certs when running the image, installing mod_ssl, configuring /etc/httpd/conf.d/ssl.conf, and updating the /etc/httpd/conf.d/welcome.conf as recommended on the check_mk website

  2. Installing mod_ssl, adding certs and httpd config files, and exposing port 443 by way of a new build based off of your image.

  3. Building an image from scratch based on the history of your image, adding the necessary certificate and config files, adding mod_ssl to the RUN yum -y install, and exposing port 443.

I just can't seem to get it to work. I feel like I'm missing a crucial step, but I just can't figure out what.

mcgege commented 6 years ago

@innowintay As apache is configured by the omd script I would use stunnel as a ssl proxy here. You only need to to encapsulate the local http traffic, e.g.

[check_mk]
accept = 443
connect = 5000

and pass your certificates to stunnel. Of course the new ssl port must be published when starting the docker container.

Hope that helps

Michael