Answer by Francis Martens (Exalate) on 03 January 2022
Hi David,
An approach is to add a reverse proxy (on the same host) in front of the snownode.
Nginx is in most cases the default choice, and the docker image https://hub.docker.com/r/jwilder/nginx-proxy is very versatile, extremely popular and easy to use.
Have a look.
The docker-compose.yml we use in our test environment, combines that image with letsencrypt, which automates the creation of the certificates. The whole setup takes a couple of minutes.
Thank you for the NGINX option. Is it not possible to set the container/web app to run as https only as we already have a reverse proxy (other server) we use and were just looking to secure comms between the reverse proxy and snownode.
Francis Martens (Exalate) commented on 04 January 2022
If that is the route to follow - startup and application.conf will have to be externalized from the container image and adapted accordingly.
If this is a bridge too far, use jwilder/nginx as a workaround, and deploy it as part of the exalate node itself (by adding it as a service in the docker-compose)