(github.com)

188 points jcbhmr | 1 comments | 14 Nov 24 03:04 UTC | HN request time: 0.21s | source

Show context

pushupentry1219 ◴[14 Nov 24 04:54 UTC] No.42133267[source]▶

Not sure how I feel about the HTTPS/TLS related bits. These days anything I write in Go uses plain HTTP, and the TLS is done by a reverse proxy of some variety that does some other stuff with the traffic too including security headers, routing for different paths to different services, etc. I never run a go web application "bare", public facing, and manually supplying cert files.

replies(6): >>42133422 #>>42133588 #>>42133628 #>>42134049 #>>42134283 #>>42135953 #

bayindirh ◴[14 Nov 24 05:38 UTC] No.42133422[source]▶

>>42133267 #

While I understand the sentiment, this makes bare installations too hard.

A big project not handling HTTPS themselves (like docmost), adds tons of complexity on the server side. Now, I have to install that service as a container to isolate that, then need to add a reverse proxy on top, etc.

That leads to resource inflation when I just want to use a small VM for that single task. Now, instead I deploy a whole infrastructure to run that small thing.

replies(4): >>42133440 #>>42133543 #>>42133601 #>>42133665 #

1. ◴[14 Nov 24 06:24 UTC] No.42133601[source]▶

>>42133422 #

↑

Go-Safeweb