Save 2s of boot time for DISABLE_HTTPS users by removing the need to run `puppet` on each boot

[timabbott]

See https://github.com/zulip/docker-zulip/pull/136#discussion_r201022978 for some context; basically, our implementation of the http_only feature slows down the container's startup process.

What we'll want to do is check if the hash of /etc/zulip/zulip.conf has changed since the last time the image booted, and only run puppet if it has. Since it's only a couple seconds of runtime, this is more a performance optimization than a correctness issue.

I did a small tweak to move the zulip-puppet-apply call inside the if statement, so this now only affects users doing the DISABLE_HTTPS option.

This is a somewhat important issue for some new users, but probably lower priority than most of the other issues we have open right now (especially since DISABLE_HTTPS is mostly only used for quick initial testing).

[gioragutt]

@timabbott wait, does it mean I can disable HTTPS and work with HTTP instead of HTTPS?

[timabbott]

Yes, though we don't recommend it from a security perspective.

[gioragutt]

Say I run on a private network, where I don't give a damn about the security part, and the HTTPS means that people end up doing advanced -> proceed in chrome, ignoring the self-signed certificate warning.

Is it easy to do? and if I do it, is it easy to return the the HTTPS configuration?

[timabbott]

Yes, it's easy to do and easy to return. If you're running this Docker image off of master in both this repo and the zulip/zulip one, you can just set DISABLE_HTTPS in docker-compose.yml and it'll do HTTP only. (It used to be a more annoying flow to setup).

[maltokyo]

trying this out now! Hope it helps me to run behind reverse proxy!