Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Discussion: provide an option to generate nginx with letsencrypt SSL automatically #4

Closed
calvinchengx opened this issue Feb 12, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@calvinchengx
Copy link

commented Feb 12, 2018

I was thinking how we can update your implementation to provide such an option.

How do you think this can be done? Happy to explore and contribute if you can provide some general directions.

@regisb

This comment has been minimized.

Copy link
Collaborator

commented Feb 12, 2018

Hmmm... indeed, as it is mentioned in the readme, SSL certificates are not supported for now. We could probably generate SSL certificates transparently, but it would add quite a lot of complexity to support both HTTP and HTTPS. I really don't want the dockerfiles to be overly complex. But let's keep this issue open and I'll try to think of something.

@regisb regisb added the enhancement label Feb 12, 2018

@regisb

This comment has been minimized.

Copy link
Collaborator

commented Mar 4, 2018

Ok I've given some thought about this. One of the things I do not want to do in this project is to replace actual documentation by code. This is what the Open edX ansible playbooks do: replace installation instructions by undocumented scripts and environment variables. I do not want to fall in the same trap.

On the other hand, SSL encryption is an important feature for many Open edX platforms. Just like forums, paid certificates, insights, etc. What I would like to do is to tell the users: "if you need this feature, just take a look at the following documentation". Unfortunately, in most cases, this documentation does not exist. For instance, the official documentation does not explain how to install SSL (let alone Let's Encrypt) certificates on an existing Open edX platform.

So, to answer your question: I am not going to provide the option to automatically generate and use SSL certificates in this project. However, we should provide pointers to the users to explain how to set up SSL certificates. I don't know if we should make an upstream contribution to the Open edX documentation or document this here. Basically, if ansible playbooks are the only way to go from the point of view of Open edX, then it would not make sense to insert detailed instructions in the official documentation. On the other hand, I'm not very excited by the perspective of running a competing Open edX documentation repository. This is a debate for another time... Meanwhile, I'll close this issue. Feel free to comment on it, though.

@regisb regisb closed this Mar 4, 2018

@regisb

This comment has been minimized.

Copy link
Collaborator

commented May 17, 2018

I'm bookmarking this for myself: https://traefik.io/ is a reverse HTTP proxy that comes with native SSL certificates support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.