Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Activating HTTPS kills HTTP #203

Open
P1514 opened this issue May 12, 2023 · 7 comments
Open

Activating HTTPS kills HTTP #203

P1514 opened this issue May 12, 2023 · 7 comments
Labels
feature New feature or request help wanted Extra attention is needed

Comments

@P1514
Copy link

P1514 commented May 12, 2023

Hello,

I'm currently trying to deploy this on truenas (docker)

Without HTTPS it asks for Shared....

When I configure HTTPS, it works (locally on the docker) with one catch. HTTP requests don't get forwared/upgraded to HTTPS. Just empty reply from server

This is an issue, since truenas detect the app is up by calling http://XXXX:5006, and since HTTP fails the app is never up so forwarding is never active.

Anyone else experiencing this issue?

@j-f1
Copy link
Contributor

j-f1 commented May 12, 2023

I don’t know if there is a way to configure Node.js’s HTTPS module to do that redirect, but if you can figure it out it would be much appreciated!

@j-f1 j-f1 added feature New feature or request help wanted Extra attention is needed labels May 12, 2023
@P1514
Copy link
Author

P1514 commented May 12, 2023

Nodejs is definetly not my confort language.
Quick search I think the best way would be to have two listeners http on 5006 and https on 5007, http would forward to https if it is configured.

I'll try to do something on my end see if it would work

@j-f1
Copy link
Contributor

j-f1 commented May 13, 2023

I don’t know if we would want to do that since it would break containers for people who already have them set up to use HTTPS. There seems to be a package httppolyglot that handles running both servers on the same port but it’s old and unmaintained.

@rich-howell rich-howell added feature New feature or request and removed feature New feature or request labels Jun 2, 2023
@AdrianAcala
Copy link

AdrianAcala commented Jun 4, 2023

@P1514 , I put in a fix. Please try my PR and let me know if that fixes it.

If it doesn't, please share how to recreate the issue and I'll try again.

@kamarkiewicz
Copy link

Hi, I would like to suggest a different approach if I may. You can add a reverse proxy like nginx to that docker image. It can handle both protocols on one port, redirect HTTP to HTTPS, and work well with services like TrueNAS that does HTTP checks. Sample nginx config:

server {
    listen 5006 ssl http2;
    listen 5006;

    server_name localhost;

    ssl_certificate /path/to/your/server.cert;
    ssl_certificate_key /path/to/your/server.key;

    # Redirect all HTTP traffic to HTTPS
    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }

    location / {
        proxy_pass http://localhost:3000; # Actual internal port here
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

@AdrianAcala
Copy link

Sorry, this issue should be closed. I thought there was an issue with the applications and the mix up between HTTP and HTTPS, but it turns out a simple Nginx config like @kamarkiewicz would suffice.

@tcrasset
Copy link
Contributor

Indeed, it should be left to the reverse proxy to either upgrade all HTTP calls to HTTPS, or drop them all together.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature New feature or request help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

6 participants