Comments (4)
I've been exploring recently exposing websites outside of a VPN, and it seems that it would be simpler to use a reverse proxy indeed to deal with TLS termination. This workaround would also allow to keep down the volume of code to maintain.
Maybe we could just include a docker-compose file that sets up a ktra image and nginx-certbot to give users a quick way to set up https if they do not already have a RP setup (assuming that users who have a RP already will know how to add https to ktra in their setup). What do you think ?
from ktra.
I think the end goal should be to have a https feature in ktra, but I agree that not a priority. I believe that would be nice cause a proxy have a cost and I think we go for an all in one registry with sparse-registry
meaning a registry could need to handle A LOT of request. This make a user depend on third tool.
Handle TLS look trivial in warp exemple doc.
BTW certbot + docker pose a lot of problem and that not trivial at all to understand. (use docker stack and certbot is not easy at all, that work for simple docker use but any docker swarm use and you run into difficulty)
from ktra.
Makes sense. I was thinking about the pains of making a valid certificate, but I suppose this is an orthogonal problem to having tls handled in the server app.
from ktra.
I have a docker-compose that uses caddy as a reverse proxy. Certs are issued automatically and it works fantastic with ktra. I can make a pr if you're all interested
from ktra.
Related Issues (20)
- Delete versions / crates
- Add verbosity option to `ktra` command?
- Dependency listed incorrectly if it has aliased
- Announcement: About the development of Ktra in future HOT 4
- Error 404 when trying to publish without a token (should be 400) HOT 2
- git error: corrupted loose reference file: FETCH_HEAD when trying to mirror crates.io
- No push to remote repo HOT 2
- Renamed packages aren't usable HOT 2
- Downloading ktra's crates.io mirror may fail when tried from some Cargo versions
- Change error message for unauthorized push to show name or login
- Self contained docker stack
- Add auth feature to manage download crates HOT 4
- [Maintenance] Publish 0.7.0 HOT 4
- Ktra panics when using Mongo db backend HOT 3
- Store crates on S3
- Ktra openid doesn't install via cargo HOT 2
- ktra 0.7.0 - Failed to build with "--no-default-features --features=secure-auth,db-mongo" and "--no-default-features --features=secure-auth,db-redis"
- feat: verdaccio equivalent
- cargo build fails HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ktra.