elasticsearch-HQ icon indicating copy to clipboard operation
elasticsearch-HQ copied to clipboard

Published 20 hours ago verified publisher icon ElasticHQ

ElasticHQ web interface over HTTPS?

Open loganmarchione opened this issue 4 years ago • 0 comments

General information

  • OS Platform and Distribution: Docker on Ubuntu 18.04
  • ElasticHQ Version: 3.5.12
  • Elasticsearch Version: 6.8.5
  • Python version (ignore is using docker image): N/A
  • Browser Vendor and Version (if applicable): Latest Firefox/Chrome

Issue Description

Maybe I missed this in the documentation, but is there a way to access the ElasticHQ web interface over HTTPS? I saw this, but I think that's for connecting to an Elasticsearch node over SSL, right?

I'm aware I can serve the web interface via a reverse-proxy, but just wondered if it was possible to serve via HTTPS directly from the app.

Source Code / Logs

On my Docker host, I run Let's Encrypt, so I can mount the certs inside the container.

version: '3'
services:
  elastichq:
    container_name: elastichq
    image: elastichq/elasticsearch-hq
    restart: unless-stopped
    environment:
      - HQ_DEFAULT_URL=http://graylog03:9200
      - HQ_ENABLE_SSL=False
    networks:
      - elastichq
    ports:
      - '5000:5000'
    volumes:
      - '/etc/letsencrypt/archive/docker03.internal.mydomain.com:/certs/archive/docker03.internal.mydomain.com:ro'
      - '/etc/letsencrypt/live/docker03.internal.mydomain.com:/certs/live/docker03.internal.mydomain.com:ro'

networks:
  elastichq:

Inside the container, I can see the .pem certs from Let's Encrypt. Is there a way to serve the web interface using these certs?

bash-4.4# ls -la /certs/live/docker03.internal.mydomain.com/
total 28
drwxr-xr-x    2 root     root          4096 Nov 21 13:17 .
drwxr-xr-x    3 root     root          4096 Dec 13 18:51 ..
-rw-r--r--    1 root     root           692 Jul 23 14:40 README
lrwxrwxrwx    1 root     root            60 Nov 21 13:17 cert.pem -> ../../archive/docker03.internal.mydomain.com/cert3.pem
lrwxrwxrwx    1 root     root            61 Nov 21 13:17 chain.pem -> ../../archive/docker03.internal.mydomain.com/chain3.pem
lrwxrwxrwx    1 root     root            65 Nov 21 13:17 fullchain.pem -> ../../archive/docker03.internal.mydomain.com/fullchain3.pem
lrwxrwxrwx    1 root     root            63 Nov 21 13:17 privkey.pem -> ../../archive/docker03.internal.mydomain.com/privkey3.pem

loganmarchione avatar Dec 13 '19 18:12 loganmarchione