Cytomine-bootstrap
Cytomine-bootstrap copied to clipboard
No support for HTTPS/SSL/TLS
I've been playing around with this project. It's really cool. However, I just tried configuing the domain to serve over HTTPS, and after digging in, I think there is an issue with the server configuration.
By default, the project serves through an NGINX server on port 80
(this is a reverse proxy for the rest of the services like the API). However, from what I can tell, none of the project is configured to serve over HTTPS.
Opportunities to improve:
-
Front end Vue application sends all API requests with hard coded
http
(ie.CYTOMINE_CORE_HOST: 'http://localhost-core'
. Changing these to protocol agnostic (ieCYTOMINE_CORE_HOST: '//localhost-core'
then the request will be sent over whatever the current environment is served on. Ideally the project will always be HTTPS (see following notes). -
NGINX config does not provide any sort of setup for listening on port 443. Ideally, the project will support port 80 and optionally 443 if there is an SSL provisions. Ideally the SSL is auto-provisioned (see next note).
-
Since the project uses Docker, it would be really nice and not too difficult to automatically provision SSL certificates either within the
nginx
container or maybe as a separate container. The initialization script already has the domain name and primary email, which I believe is all that is needed.