superstreamlabs
Feature: Add secure websocket (wss) support for the UI
Current behavior
When using the UI with https the websocket connection is trying to connect via wss, but fails.
Suggested solution
Support wss so that the UI can be used fully with https.
Additional context
No response
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
I dug through the frontend a bit, and found that a possible solution would be to let the user set a custom websocket URL and PORT. That way we could easily proxy the connection with our own certificates. I am not really experienced enough with react or go for that matter to comfortably contribute. But i found that we'd need some way of adjusting this variable here: https://github.com/memphisdev/memphis/blob/33b3e5a6531b27bf046b43b8a2ff0e5f6ded05a6/ui_src/src/config.js#L17
and this one: https://github.com/memphisdev/memphis/blob/33b3e5a6531b27bf046b43b8a2ff0e5f6ded05a6/ui_src/src/App.js#L81
Just an idea I had, and something that would be a good solution for me ¯\(ツ)/¯
For those users who wants to be able to run Memphis via docker and accessing the UI through a reverse proxy + https, we should allow to add certificates as supported when deploying Memphis with Helm. Until then users who run Memphis this way experience issue with the UI which can not connect with the WS server
@idanasulinmemphis a regular reverse proxy with non-root location is confirmed to not being supported (see discord discussion https://discord.com/channels/963333392844328961/1171880661406195733). It is beneficial when it is deployed among an ecosystem of different microservices under the same public FQDN. However, SSL offloading can be managed at reverse proxy level with tools like Traefik, nginx, Caddy, etc IMHO
@yanivbh1 do you think I should open another dedicated ticket for the feature request of reverse proxy support?
Hey @francbartoli , in case it does not appear here https://memphis.dev/roadmap the answer is yes. Adding @valeraBr and @bkochauri-memphis as well. Thanks!