From 8309a2cb20a8513737d1374c5c17648474b25856 Mon Sep 17 00:00:00 2001
From: Frederik Ring <frederik.ring@gmail.com>
Date: Thu, 25 Apr 2019 20:08:17 -0600
Subject: [PATCH] enable using ssl in local development

---
 .editorconfig      |  2 +-
 .gitignore         |  3 +++
 README.md          | 28 ++++++++++++++++++++++++++++
 docker-compose.yml |  6 +++++-
 4 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 .gitignore

diff --git a/.editorconfig b/.editorconfig
index 5461e42..98fc8b5 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -10,6 +10,6 @@ insert_final_newline = true
 trim_trailing_whitespace = true
 indent_style = tab
 
-[{*.js,*.yml,Gopkg.toml}]
+[{*.js,*.yml,*.md,Gopkg.toml}]
 indent_style = space
 indent_size = 2
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4436d8a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.vscode
+# mkcert certificates
+*.pem
diff --git a/README.md b/README.md
index 6d5b527..cfef486 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,34 @@ Guidelines for running and developing the Software will be added when it makes s
 
 ### Developing the application
 
+#### Local cookies and SSL
+
+In local development __offen__ requires to be served both via SSL (in order to use window.crypto) as well as a `local.offen.org` host.
+
+This requires the following steps to be taken:
+
+1. Edit your `/etc/hosts` to include the following line:
+  ```
+  127.0.0.1       local.offen.org
+  ```
+2. Install and setup [mkcert](https://github.com/FiloSottile/mkcert). Assuming you have Go installed, this looks like:
+  ```
+  $ go get -u github.com/FiloSottile/mkcert
+  $ mkcert -install
+  ```
+3. Navigate into the repository root and create a local certificate and key for the `local.offen.org` host:
+  ```
+  $ mkcert local.offen.org
+  ```
+
+You can test setup by starting the application:
+
+```
+$ docker-compose up
+```
+
+Now you should be able to access <https://local.offen.org:8080/status> in your browser without any security warnings.
+
 #### `server`
 
 To work on the `server` you will need to install `docker-compose` and Go 1.12+.
diff --git a/docker-compose.yml b/docker-compose.yml
index 04a56ff..8a99927 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,13 +3,15 @@ server:
   working_dir: /server
   volumes:
     - ./server:/server
+    - ./local.offen.org.pem:/server/local.offen.org.pem
+    - ./local.offen.org-key.pem:/server/local.offen.org-key.pem
     - $GOPATH/pkg/mod:/go/pkg/mod
   environment:
     - GOPATH=/go
     - POSTGRES_CONNECTION_STRING=postgres://postgres:develop@database:5432/postgres?sslmode=disable
   ports:
     - 8080:8080
-  command: go run cmd/server/main.go -conn postgres://postgres:develop@database:5432/postgres?sslmode=disable
+  command: go run cmd/server/main.go -conn postgres://postgres:develop@database:5432/postgres?sslmode=disable -key local.offen.org-key.pem -cert local.offen.org.pem
   links:
     - database
 
@@ -23,6 +25,8 @@ vault:
   working_dir: /vault
   volumes:
     - ./vault:/vault
+    - ./local.offen.org.pem:/vault/local.offen.org.pem
+    - ./local.offen.org-key.pem:/vault/local.offen.org-key.pem
   command: npm start -- --port 9977
   ports:
     - 9977:9977