Search code examples
google-app-enginenginxngrok

Appengine - Local dev server with https

Goal: Reduce dev - feedback cycle by using App Engine dev server. For my use this must be available as a public HTTPS address. App Engine dev server only supports HTTP.

How to do this: Use ngrok to expose local dev environment as https publically available address.

Reverse proxy with nginx from https to http.

This seems possible, but for life of me I haven't got the config working.

I'm working with App Engine Standard Java on osx.

Other working solutions or ideas are welcome. Surely there is a way to do this.

Solution

  • I use NGINX as proxy with self signed certificate for my project https://debtstracker.io/

    Here is my NGINX config. You would also need to add some yourproject.local record to your hosts file.

        server {  # This servers dynamic content of DebtsTracker.io project over HTTPS
            listen          443;
            server_name     debtstracker.local;
            ssl                  on;
            ssl_certificate      /etc/ssl/certs/debtstracker-local.crt;
            ssl_certificate_key  /etc/ssl/private/debtstracker-local.key;

            location /app/ {
                    proxy_pass   http://localhost:8100/;
                    proxy_set_header Host $http_host;
            }

            location / {
                    proxy_pass   http://127.0.0.1:8080;
                    proxy_set_header Host $http_host;
            }
    }

    The first location is for GAE devserver and 2nd for Ionic project.

    Here is a bash file I use to generate certificates:

    #!/usr/bin/env bash
# https://www.accuweaver.com/2014/09/19/make-chrome-accept-a-self-signed-certificate-on-osx/

# https://gist.github.com/jessedearing/2351836

# Run using "sudo"

echo "Generating an SSL private key to sign your certificate..."
openssl genrsa -des3 -out debtstracker-local.key 1024

echo "Generating a Certificate Signing Request..."
openssl req -new -key debtstracker-local.key -out debtstracker-local.csr

echo "Removing pass-phrase from key (for nginx)..."
cp debtstracker-local.key debtstracker-local.key.org
openssl rsa -in debtstracker-local.key.org -out debtstracker-local.key
rm debtstracker-local.key.org

echo "Generating certificate..."
openssl x509 -req -days 365 -in debtstracker-local.csr -signkey debtstracker-local.key -out debtstracker-local.crt

echo "Copying certificate (debtstracker-local.crt) to /etc/ssl/certs/"
mkdir -p  /etc/ssl/certs
cp debtstracker-local.crt /etc/ssl/certs/

echo "Copying key (debtstracker-local.key) to /etc/ssl/private/"
mkdir -p  /etc/ssl/private
cp debtstracker-local.key /etc/ssl/private/

    Hope this helps. Took me a while to set this up.