Only use https

[AndrewRozendal]

Force https to ensure secure when transmitting credentials etc. Minimal performance overhead so will just force all the time.

[AndrewRozendal]

Have created certificates with certbot but cannot gain access to them from docker - permissions error with volumes: - ./app:/home/node/app - /etc/letsencrypt/:/etc/letsencrypt in docker-compose file

Problem: The certificates are owned by root on the server. But what permissions is docker-compose running with? And is it ok to change permissions for the certificates?

[AndrewRozendal]

Is there possibly something to do with the node image running as user: "node" ?

[AndrewRozendal]

Confirmed, if user: "root" in docker-compose.yml then will work completely on deploy. So need to get node to have permissions to files somehow. Also, forcing https breaks mongodb connection (no real surprise there)

[AndrewRozendal]

Solving mongo should be as easy as requesting https instead. Also, once stable need to get digitalocean to redirect http to https automatically

[AndrewRozendal]

Solution?

docker/compose#3270

[AndrewRozendal]

Spoke with Jason today. Decided to let Node container run as root. TODO: Reroute all http traffic to https. Also redirect www
See https://stackoverflow.com/questions/7450940/automatic-https-connection-redirect-with-node-js-express