-
Notifications
You must be signed in to change notification settings - Fork 738
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correct the ports in docker-compose file #76
Correct the ports in docker-compose file #76
Conversation
Fixes #76 |
Thank you for the pull request. I agree there's some mistakes in here but there's a few things I'm not a fan in your commit: A proper setup would need some sort of reverse proxy that isn't included in the docker compose file yet and configure with SSL. WIP |
Nuage shouldn't be directly exposed to the web therefore it's better to run it on a different port than 80.
Okay I've corrected the port now. |
I got the same kind of config
I do exactly the same. For my particular config which seem the same as yours, I don't see a point in having SSL inside the application. I might be wrong but as I see it, if the reverse proxy is owned, so as the applications that run throught it. |
For small networks that's true. If you have a bigger network it makes sense to have all the traffic encrypted. E.g. in a company otherwise someone can sniff the traffic if he connects to the network. I reckon that depends on the setup and the attack doesn't it? I have all services running in a separate VM. If just the reverse proxy itself gets hacked then the other servers should be fine. If it's the application that gets hacked maybe only that server is at risk? However I don't really know enough about this to be sure. |
Fully agree, that's just not my setup as I only got 1 machine + 1 IP and all the services running as a container in the same machine where the reverse proxy is. For my particular use case, SSL inside nuage is overkill, the only way to sniff would be to own the machine, thus already have access to it. When I mean overkill it's just I'm too lazy to make it work as it wouldn't provide much benefits. If someone is interested in making changes to add SSL inside nuage, it will be merge, I just don't have any need for this.
Two things here:
|
I have them surely not on the proxy ;)
Ah that's a good point. Didn't think about the credentials. |
No description provided.