Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Seamless HTTPS without certificate warnings: integrate nodecert/https-server #519

Open
aral opened this issue Feb 26, 2019 · 3 comments
Open

Comments

@aral
Copy link

aral commented Feb 26, 2019

https-server-v1 0 4

This is a 🙋 feature request.

As documented in the readme, the expected behaviour of Bankai currently is to present a certificate error in the browser on first use.

I just released nodecert (github mirror), which uses mkcert to create locally-trusted certificates. I also just released https-server (github mirror) which uses nodecert to provide a seamless experience for running a local development server over port 443.

To try it out with some static content:

  1. npm i -g @ind.ie/https-server
  2. https-server [folder-to-serve]
  3. Go to https://localhost to view the site without certificate warnings.

One of the reasons I wrote these is because I am considering using Choo and Bankai for my next project and I’d love to see this seamless workflow integrated. I wanted to get your thoughts on (a) whether this is something you’d like to see in Bankai and (b) if you had any thoughts on how best to integrate it before kicking off by myself :)

@goto-bus-stop
Copy link
Member

goto-bus-stop commented Feb 28, 2019

this looks rad! there is potentially a licensing problem because bankai is MIT, and afaik that doesn't let us use AGPL software.

are there any side effects to running this? for example, if someone tries out bankai and decides it doesn't fit their use case, will they have a certificate authority thing stored somewhere forever? if so, it might be best to integrate it as a command you can run (eg bankai cert), and log a message telling you about that command in bankai start.

@aral
Copy link
Author

aral commented Feb 28, 2019

Thanks :)

Re: the license, yes, you’re right: you cannot use AGPL/GPL in an MIT project but you can do it the other way around. Just out of curiosity, was there a specific reason for the MIT licensing decision? (Given that Bankai/Choo appear to be for individuals and not for corporate use and if the latter uses them it would be good to force them to give back, it might make sense to license it under AGPL.)

Re: side-effects. Yes, the certificates and the root certificate store would remain. This is definitely something the person should be made aware of but it also means that any other dev server can use them in the future (e.g., if you’re using https-server directly).

@aral
Copy link
Author

aral commented Mar 3, 2019

Just a quick update, I made an internal fork of Bankai for the Hypha project and implemented https-server as well as some simplifications (I don’t need SSR-rendering of Choo apps, for example).

Here’s the source, in case it helps:

https://source.ind.ie/hypha/tools/web-compiler

Also, I added an example to the readme with the initial Hypha project scaffolding code so you can see how I’m using it.

Thank you all for Bankai and Choo – they’re amazing. Being able to have HTTPS routes, WebSocket routes, and static routes co-exist with live reload at development time rocks (using SSE was a masterstroke) ;) As is the auto Service Worker support.

❤️ 🎈

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants