New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem: http server doesn't support HTTPS #405
Comments
Heyy @yrashk is the issue still open ? I would like to contribute ? |
@bilalshaikh292 it's open! |
Please assign this issue to me ,I would love to contribute |
hey, @yrashk, is there a reasonably easy way to get this extension running in a nix environment with the extensions? when I set up the nix environment, it seemed like some of the extensions like httpd were not included and I noticed that there was a TODO regarding this in the nix files. The only way I could get a local setup running for now was using Docker by commenting out the Rust part which was pretty slow. Even with these changes the Docker build is quite slow if I want to change some C code (since Docker caching does not work). |
The Nix bits will likely be deprecated soon as they are not actively maintained. Building Omnigres as is, without a container, is fairly easy: https://github.com/omnigres/omnigres?tab=readme-ov-file#building--using-extensions With this process, testing changes takes few seconds. The Docker images are not meant for the development of Omnigres itself. |
thanks! finally figured it out that I had create the extension after that executing the make target :) |
Indeed, this should be spelled out better. There are subtle reasons why it's not done by default (although we may reconsider them) |
hey, @yrashk, been making some minor progress with this... I was attaching the OpenSSL context here to omnigres/extensions/omni_httpd/http_worker.c Line 239 in 0e6be65 I'm wondering if this is the correct approach? One option would be to add another join to the handlers query which would perform a left join with new certificates table on listener_id. |
@UkuLoskit, broadly seems right overall and with respect to the join. As for reading the results at a later point, I don't think anything is stopping us from reading them twice. The results are effectively in an array anyway ( omnigres/extensions/omni_httpd/http_worker.c Lines 265 to 267 in 0e6be65
|
This is not because H2O (the HTTP server we use) doesn't (it does); it's because we never added this configuration knob.
However, this is an important step for running the entire stack without additional tools.
Proposed solution: add a way to configure certificates
The grand vision notwithstanding, we need to figure out a short path to this configurability. Some options:
omni_httpd.certificates
(name TBD) table would list actual certificates, and how we match them to listeners can be very interesting: chances are, we can match a certificate by SNI (and maybe listener ID?), making it a super-easy setup. My reading of h2o suggests that's quite possible.NB: Before implementing this bounty, please provide a rough plan for review to ensure your effort will be most fruitful.
Not in scope for this bounty:
Other comments:
Eventually, much of omni_httpd functionality will be extracted into omni_workers, but this will still be useful as the HTTP-specific block will remain.
Bounty size: $250
Read more about bounties
The text was updated successfully, but these errors were encountered: