Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switch to HTTPS as the default port binding #402

Open
vpetersson opened this issue Apr 28, 2016 · 2 comments · May be fixed by #1940
Open

Switch to HTTPS as the default port binding #402

vpetersson opened this issue Apr 28, 2016 · 2 comments · May be fixed by #1940
Labels
enhancement wontfix

Comments

@vpetersson
Copy link
Contributor

With recent Raspberry Pis being powerful, it's no longer very expensive to run Nginx as a reverse proxy. This is also a more standardized way of serving web apps, so let's do this.

Here's what we need to do:

Ansible

  • Remove enable-ssl from the SKIP_TAGS
  • Remove /bin/enable_ssh.sh

App

  • Change the Gunicorn binding in server.py to bind on a UNIX socket (/var/run/screenly.socket)
  • Remove the listen line in screenly.conf

Nginx

  • Re-configure Nginx to listen on listen on 8080 as well (80, 443, 8080)
  • Reconfigure Nginx the's 'ose' upstream to use the UNIX socket
  • Add a forwarding rule to redirect :8080 -> :443
@vpetersson
Copy link
Contributor Author

@over64 raised a good point. We might not want to do this as the default as it will throw an error message for all users (self-signed cert).

Perhaps we should instead not redirect everything to :443 by default, but rather make that conditional. We could do that with an include file or something similar.

@vpetersson vpetersson modified the milestone: Sprint 0 May 3, 2016
@vpetersson vpetersson mentioned this issue May 3, 2016
Closed
@stale
Copy link

stale bot commented Aug 13, 2018

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix label Aug 13, 2018
@nicomiguelino nicomiguelino linked a pull request Jun 21, 2024 that will close this issue
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement wontfix
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enables HTTPS in Anthias nicomiguelino/Anthias
1 participant
@vpetersson