Is this a new feature request?
Wanted change
Given that the Smokeping container uses Apache to serve the web interface, would it be too much of a stretch to include the required modules for HTTPS as well in the build and allow users to choose whether they want to use plaintext or encrypted connections? Self-signed certificates can be considered suitable, but options for proper certificates can also be provided with the correct environment variables or correct config files.
I am looking at modifying the container to test and am open to submitting a PR if I can get it to work, but do not want to go through the effort if there is no interest or intention to merge.
Reason for change
If you use basic auth and your instance is accessed over the internet, username and password are submitted in cleartext. Even if you pass through a proxy, if the proxy and container are remote to each other, information (including credentials) will be passed in plaintext.
The ability to use self-signed certificates inside the container will mitigate this to a large degree. The initial goal here is simply to secure communications, not necessarily sign with valid public certificates (but this can be done as well).
Proposed code change
No proposal as yet, merely looking for feedback.
Is this a new feature request?
Wanted change
Given that the Smokeping container uses Apache to serve the web interface, would it be too much of a stretch to include the required modules for HTTPS as well in the build and allow users to choose whether they want to use plaintext or encrypted connections? Self-signed certificates can be considered suitable, but options for proper certificates can also be provided with the correct environment variables or correct config files.
I am looking at modifying the container to test and am open to submitting a PR if I can get it to work, but do not want to go through the effort if there is no interest or intention to merge.
Reason for change
If you use basic auth and your instance is accessed over the internet, username and password are submitted in cleartext. Even if you pass through a proxy, if the proxy and container are remote to each other, information (including credentials) will be passed in plaintext.
The ability to use self-signed certificates inside the container will mitigate this to a large degree. The initial goal here is simply to secure communications, not necessarily sign with valid public certificates (but this can be done as well).
Proposed code change
No proposal as yet, merely looking for feedback.