(github.com)

188 points jcbhmr | 1 comments | 14 Nov 24 03:04 UTC | HN request time: 0.348s | source

Show context

pushupentry1219 ◴[14 Nov 24 04:54 UTC] No.42133267[source]▶

Not sure how I feel about the HTTPS/TLS related bits. These days anything I write in Go uses plain HTTP, and the TLS is done by a reverse proxy of some variety that does some other stuff with the traffic too including security headers, routing for different paths to different services, etc. I never run a go web application "bare", public facing, and manually supplying cert files.

replies(6): >>42133422 #>>42133588 #>>42133628 #>>42134049 #>>42134283 #>>42135953 #

bayindirh ◴[14 Nov 24 05:38 UTC] No.42133422[source]▶

>>42133267 #

While I understand the sentiment, this makes bare installations too hard.

A big project not handling HTTPS themselves (like docmost), adds tons of complexity on the server side. Now, I have to install that service as a container to isolate that, then need to add a reverse proxy on top, etc.

That leads to resource inflation when I just want to use a small VM for that single task. Now, instead I deploy a whole infrastructure to run that small thing.

replies(4): >>42133440 #>>42133543 #>>42133601 #>>42133665 #

yjftsjthsd-h ◴[14 Nov 24 06:13 UTC] No.42133543[source]▶

>>42133422 #

> Now, I have to install that service as a container to isolate that, then need to add a reverse proxy on top, etc.

Why? I've run plenty of normal non-containerized apps that bind localhost:1234 and then are reverse proxied by nginx or caddy or whatever.

(I agree that you would need a reverse proxy, I think that's kinda the point, it's the container thing I don't get)

replies(2): >>42133573 #>>42133664 #

1. rjh29 ◴[14 Nov 24 06:18 UTC] No.42133573[source]▶

>>42133543 #

Global vs local variables.

↑

Go-Safeweb