Sourcegraph's development environment ships with a Caddy 2 HTTPS reverse proxy that allows you to access your local sourcegraph instance via https://sourcegraph.test:3443 (a fake domain with a self-signed certificate that's added to /etc/hosts).
If you'd like Sourcegraph to be accessible under https://sourcegraph.test (port 443) instead, you can set up authbind and set the environment variable SOURCEGRAPH_HTTPS_PORT=443.
In order to configure the HTTPS reverse-proxy, you'll need to edit /etc/hosts and initialize Caddy 2.
sourcegraph.test needs to be added to /etc/hosts as an alias to 127.0.0.1. There are two main ways of accomplishing this:
- Manually append
127.0.0.1 sourcegraph.testto/etc/hosts - Use the provided
./dev/add_https_domain_to_hosts.shconvenience script (sudo may be required).
> ./dev/add_https_domain_to_hosts.sh
--- adding sourcegraph.test to '/etc/hosts' (you may need to enter your password)
Password:
Adding host(s) "sourcegraph.test" to IP address 127.0.0.1
--- printing '/etc/hosts'
...
127.0.0.1 localhost sourcegraph.test
...Caddy 2 automatically manages self-signed certificates and configures your system so that your web browser can properly recognize them. The first time that Caddy runs, it needs root/sudo permissions to add
its keys to your system's certificate store. You can get this out the way after installing Caddy 2 by running the following command and entering your password if prompted:
./dev/caddy.sh trustNote: If you are using Firefox and have a master password set, the following prompt will come up first:
Enter Password or Pin for "NSS Certificate DB":
Enter your Firefox master password here and proceed. See this issue on GitHub for more information.
You might need to restart your web browsers in order for them to recognize the certificates.