ske087/digiserver-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
48f1bfbcad285fd0ace13a369acef3b7362e2670
digiserver-v2/old_code_documentation/HTTPS_QUICK_REFERENCE.md
Quality App Developer 48f1bfbcad Add HTTPS configuration management system 
- Add HTTPSConfig model for managing HTTPS settings
- Add admin routes for HTTPS configuration management
- Add beautiful admin template for HTTPS configuration
- Add database migration for https_config table
- Add CLI utility for HTTPS management
- Add setup script for automated configuration
- Add Caddy configuration generator and manager
- Add comprehensive documentation (3 guides)
- Add HTTPS Configuration card to admin dashboard
- Implement input validation and security features
- Add admin-only access control with audit trail
- Add real-time configuration preview
- Integrate with existing Caddy reverse proxy

Features:
- Enable/disable HTTPS from web interface
- Configure domain, hostname, IP address, port
- Automatic SSL certificate management via Let's Encrypt
- Real-time Caddyfile generation and reload
- Full audit trail with admin username and timestamps
- Support for HTTPS and HTTP fallback access points
- Beautiful, mobile-responsive UI

Modified files:
- app/models/__init__.py (added HTTPSConfig import)
- app/blueprints/admin.py (added HTTPS routes)
- app/templates/admin/admin.html (added HTTPS card)
- docker-compose.yml (added Caddyfile mount and admin port)

New files:
- app/models/https_config.py
- app/blueprints/https_config.html
- app/utils/caddy_manager.py
- https_manager.py
- setup_https.sh
- migrations/add_https_config_table.py
- migrations/add_email_to_https_config.py
- HTTPS_STATUS.txt
- Documentation files (3 markdown guides)
2026-01-14 12:02:49 +02:00

5.4 KiB
Raw Blame History

HTTPS Configuration - Quick Reference Guide

🎯 Quick Access

Admin Panel Location: Main Dashboard → 🔒 HTTPS Configuration (Purple card)

Quick Setup (5 Minutes)

1. Initial State

Your app is running on HTTP. Access: http://10.76.152.164

2. Navigate to HTTPS Config

  • Admin Panel → 🔒 HTTPS Configuration

3. Configure (Fill In)

Field Value Example
Hostname Server short name digiserver
Domain Full domain name digiserver.sibiusb.harting.intra
IP Address Server IP 10.76.152.164
Port HTTPS port (default 443) 443

4. Enable HTTPS

  • Toggle: Enable HTTPS
  • Click: 💾 Save HTTPS Configuration

5. Verify

  • Configuration shows as "ENABLED"
  • Access via: https://digiserver.sibiusb.harting.intra
  • Check status card for current settings

🔍 Status Display

Enabled State 

✅ HTTPS ENABLED
Domain: digiserver.sibiusb.harting.intra
Hostname: digiserver
IP Address: 10.76.152.164
Port: 443
Access URL: https://digiserver.sibiusb.harting.intra
Last Updated: 2024-01-14 15:30:45 by admin

Disabled State ⚠️

⚠️ HTTPS DISABLED
The application is currently running on HTTP only (port 80)
Enable HTTPS below to secure your application.

🔐 Access Points

After HTTPS is Enabled

Access Type URL Use Case
Primary (HTTPS) https://digiserver.sibiusb.harting.intra Daily use, secure
Fallback (HTTP) http://10.76.152.164 Troubleshooting, direct IP access

Prerequisites Checklist

Before enabling HTTPS:

  • DNS resolves domain to IP: nslookup digiserver.sibiusb.harting.intra
  • Firewall allows port 80 (HTTP)
  • Firewall allows port 443 (HTTPS)
  • Server IP is 10.76.152.164
  • Domain is digiserver.sibiusb.harting.intra

🐛 Troubleshooting

HTTPS Not Working?

  1. Check Status

    • Admin → HTTPS Configuration
    • Verify "HTTPS ENABLED" is shown

  2. Test DNS

    nslookup digiserver.sibiusb.harting.intra

    Should resolve to: 10.76.152.164

  3. Test Ports

    # Should be reachable
telnet 10.76.152.164 443
telnet 10.76.152.164 80

  4. Check Logs

    • Admin Panel → Server Logs
    • Look for HTTPS enable/disable messages

  5. View Caddy Logs

    docker-compose logs caddy

Domain Not Resolving?

Add to hosts file (temporary):

  • Windows: C:\Windows\System32\drivers\etc\hosts
  • Mac/Linux: /etc/hosts

Add line:

10.76.152.164 digiserver.sibiusb.harting.intra

📋 Common Tasks

Enable HTTPS

  1. Go to Admin → HTTPS Configuration
  2. Toggle "Enable HTTPS"
  3. Fill in hostname, domain, IP
  4. Click "Save HTTPS Configuration"

Disable HTTPS

  1. Go to Admin → HTTPS Configuration
  2. Toggle off "Enable HTTPS"
  3. Click "Save HTTPS Configuration"
  4. App returns to HTTP only

Change Domain

  1. Go to Admin → HTTPS Configuration
  2. Update "Full Domain Name"
  3. Click "Save HTTPS Configuration"

Check Current Settings

  1. Go to Admin → HTTPS Configuration
  2. View status card at top
  3. Shows all current settings

View Configuration History

  1. Admin Panel → Server Logs
  2. Search for "HTTPS"
  3. See all changes and who made them

🎯 Configuration Examples

Default Setup (Already Provided)

Hostname: digiserver
Domain: digiserver.sibiusb.harting.intra
IP: 10.76.152.164
Port: 443

Different IP

Hostname: digiserver
Domain: digiserver.sibiusb.harting.intra
IP: 10.76.152.165  ← Change this
Port: 443

Different Domain

Hostname: myserver
Domain: myserver.company.local  ← Change this
IP: 10.76.152.164
Port: 443

🔒 Security Notes

Admin-Only Feature

  • Only administrators can access this page
  • All changes logged with admin username

Automatic SSL Certificates

  • Let's Encrypt manages certificates
  • Auto-renewed before expiration
  • No manual certificate management needed

Access Control

  • HTTP redirects to HTTPS automatically
  • Security headers automatically added
  • Safe for internal and external access

📞 Need Help?

  1. Check Documentation

    • See: HTTPS_CONFIGURATION.md for detailed guide
    • See: HTTPS_IMPLEMENTATION_SUMMARY.md for architecture

  2. View Logs

    • Admin Panel → Server Logs
    • Filter for HTTPS-related entries

  3. Test Configuration

    # Via CLI
python https_manager.py status

  4. Restart Application

    docker-compose restart

📊 Quick Status Check

CLI Command:

python https_manager.py status

Output:

==================================================
HTTPS Configuration Status
==================================================
Status:        ✅ ENABLED
Hostname:      digiserver
Domain:        digiserver.sibiusb.harting.intra
IP Address:    10.76.152.164
Port:          443
Updated:       2024-01-14 15:30:45 by admin

Access URL:    https://digiserver.sibiusb.harting.intra
Fallback:      http://10.76.152.164
==================================================

🎉 You're All Set!

Your HTTPS configuration is ready to use. The system will:

  • Manage SSL certificates automatically
  • Keep them renewed
  • Provide secure access
  • Log all configuration changes
  • Offer fallback HTTP access

That's it! Your app is now secure! 🔒

Reference in New Issue View Git Blame Copy Permalink