Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only use https #17

Closed
AndrewRozendal opened this issue Jan 22, 2018 · 6 comments
Closed

Only use https #17

AndrewRozendal opened this issue Jan 22, 2018 · 6 comments

Comments

@AndrewRozendal
Copy link
Owner

Force https to ensure secure when transmitting credentials etc. Minimal performance overhead so will just force all the time.

@AndrewRozendal
Copy link
Owner Author

Have created certificates with certbot but cannot gain access to them from docker - permissions error with volumes: - ./app:/home/node/app - /etc/letsencrypt/:/etc/letsencrypt in docker-compose file

Problem: The certificates are owned by root on the server. But what permissions is docker-compose running with? And is it ok to change permissions for the certificates?

@AndrewRozendal AndrewRozendal changed the title Force https Only use https Jan 23, 2018
@AndrewRozendal
Copy link
Owner Author

Is there possibly something to do with the node image running as user: "node" ?

@AndrewRozendal
Copy link
Owner Author

Confirmed, if user: "root" in docker-compose.yml then will work completely on deploy. So need to get node to have permissions to files somehow. Also, forcing https breaks mongodb connection (no real surprise there)

AndrewRozendal added a commit that referenced this issue Jan 23, 2018
… access to certs. Added link in volumes to /etc/letsencrypt to access certs See #17
@AndrewRozendal
Copy link
Owner Author

Solving mongo should be as easy as requesting https instead. Also, once stable need to get digitalocean to redirect http to https automatically

@AndrewRozendal
Copy link
Owner Author

Solution?

docker/compose#3270

@AndrewRozendal
Copy link
Owner Author

AndrewRozendal commented Jan 25, 2018

Spoke with Jason today. Decided to let Node container run as root. TODO: Reroute all http traffic to https. Also redirect www
See https://stackoverflow.com/questions/7450940/automatic-https-connection-redirect-with-node-js-express

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant