Feature req. Environment variable for serving HTTPS without reverse proxy

[beppe9000]

I saw this: https://github.com/errbit/errbit/blob/master/docs/deployment.md

Since the server already hosts cpanel I want to provide its own subdomain cert &key and let errbit serve itself over HTTPS on some non-conventional port. I didn't find a way to specify that in environment config, tough.

I propose to add an entrypoint script that checks for a SERVE_HTTPS=1 and runs the appropriate command passing SSL_CERTIFICATE_PATH and SSL_CERTIFICATE_KEY_PATH to it.

---

by the way I also saw saw that the dockerfile does not use the /health/liveness endpoint described in the above file

errbit/Dockerfile

Line 40 in e78b439

HEALTHCHECK CMD curl --fail "http://$(/bin/hostname -i | /usr/bin/awk '{ print $1 }'):${PORT:-8080}/users/sign_in" || exit 1

[stevecrozz]

Are you saying that you find it inconvenient to configure puma with its configuration file and you'd prefer a way to do it using environment variables?

[beppe9000]

correct. i don't have experience with ruby/rails/puma so i'd rather pass cert+key with environment variables 😅

[stevecrozz]

I could see adding some more environment variable friendly config for puma. Maybe you could play with adding something like:

bind(ENV['PUMA_BIND'], "tcp://0.0.0.0:#{ENV['PORT'] || 8080}")

to https://github.com/errbit/errbit/blob/master/config/puma.default.rb

This way you could pass a PUMA_BIND variable to accomplish your TLS configuration and many other things that puma supports in https://github.com/puma/puma/blob/v3.12.2/lib/puma/dsl.rb#L123-L142

You could pass something like this as in the puma example:
PUMA_BIND='ssl://127.0.0.1:9292?key=key.key&cert=cert.pem'

[beppe9000]

thanks for the support, i'll try that