1 answer
- 210
Hi David,
An approach is to add a reverse proxy (on the same host) in front of the snownode.
Nginx is in most cases the default choice, and the docker image https://hub.docker.com/r/jwilder/nginx-proxy is very versatile, extremely popular and easy to use.
Have a look.
The docker-compose.yml we use in our test environment, combines that image with letsencrypt, which automates the creation of the certificates. The whole setup takes a couple of minutes.version: '3' services: proxy: restart: unless-stopped image: jwilder/nginx-proxy ports: - 80:80 - 443:443 volumes: - /var/run/docker.sock:/tmp/docker.sock - ./certs:/etc/nginx/certs:ro - ./conf.d:/etc/nginx/conf.d labels: - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy letsencrypt: restart: unless-stopped image: jrcs/letsencrypt-nginx-proxy-companion volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./certs:/etc/nginx/certs:rw networks: default: external: name: proxy- David Martin
Hi Francis Martens (Exalate) ,
Thank you for the NGINX option. Is it not possible to set the container/web app to run as https only as we already have a reverse proxy (other server) we use and were just looking to secure comms between the reverse proxy and snownode. - Francis Martens (Exalate)
Support for SSL connections are currently not supported in the product itself. As exalate is based on the play framework, it might be enabled by checking out
https://www.playframework.com/documentation/2.8.x/ConfiguringHttps
If that is the route to follow - startup and application.conf will have to be externalized from the container image and adapted accordingly.
If this is a bridge too far, use jwilder/nginx as a workaround, and deploy it as part of the exalate node itself (by adding it as a service in the docker-compose)
Add your comment...
How can I configure Snownode to run over HTTPS for the Web UI and also redirect to HTTPS when HTTP is entered.
I am assuming it is to do with Tomcat or Apache configuration in the docker image