Replies: 1 comment
-
Thank you for this. The documentation appeared to suggest https was not possible: https://athensresearch.github.io/docs/developer_guide/self-hosted#cannot-connect-to-athens-via-https So now I can go ahead and set this up. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I've spent some time to configure https for the server, so decided to put down a post. For many it might be obvious, but for some this might be helpful.
Athens https server setup
Overview
This setup is done on a Ubuntu server in Azure cloud. I've chosen to run Athens server as a set of docker container services that will provide http connectivity to the web client as well as http-based connectivity for the Athens application. Installation details from the Athens team can be found here https://athensresearch.github.io/docs/developer_guide/self-hosted#docker
To upgrade it to https you will need
nginx
on that servercertbot
/setup certificates and https your own waynginx
forward https requests to local websocketSteps
nginx in docker container?
We will be using
nginx
outside of containers. This will allow to control the webserver aside from the Athens server. First of all, lets make sure thatdocker-compose up --detach
will not startnginx
. This will allow us to use all the commands provided in the setup procedures by the Athens team (https://athensresearch.github.io/docs/developer_guide/self-hosted#docker) during further updates/upgrades without any modifications to the downloadeddocker-compose.yml
. To achieve this you need to create an override filedocker-compose.override.yml
with the following content:The key here is the
profiles
line as it forcesdocker-compose up
command to ignore thenginx
service unless the specific profile is called. This way the originalnginx
section ofdocker-compose.yml
is overriden by a profiled section, that is excluded from a 'normal' start.Ubuntu nginx installation
You have now
nginx
installed on your server but not ready to serve web pages. you have to start the nginx. You can do this by using this command:This will start a default
nginx
configuration. Good time to make a test connection and see if web pages are served.certbot installation and configuration
To serve https traffic you will need to install a SSL certificate. The easiest way to do it is by using Let's Encrypt certificate authority that provides free SSL certificates.
First, install the Let's encrypt client, called certbot
Then start a wizard that will lead you through the setup
nginx configuration
nginx
configuration is based on the config file that Athens team provides in the https://github.com/athensresearch/athens/blob/main/nginx.confI've made nginx forward all insecure http connections to https and moved the actual Athens serving setup under https. With this setup the http connection will proxy websocket to localhost:3010. Substitute athens.webserver.com with your server name and make sure that the certificate paths are correct.
Connecting to the server
With this setup you can connect to the server either via web client, pointing it to
https://athens.webserver.com
, or via the Athens client via Add database dialog, by selecting Join remote tab, giving this database any name you like and puttinghttps://athens.webserver.com
in the Remote address field.Beta Was this translation helpful? Give feedback.
All reactions