Quadrubo's avatar

Force vite to use https without rebuilding

Hello, I'm currently in the process of creating a docker image for my laravel application. I want to let the decision on running the site with HTTP/HTTPS up to the user so both should be possible. I also want to build the public files with github actions, not on start of the image.

This introduces the following problem for me. Vite builds all URL's with http and I have no way to change it without running npm run build again within the docker image. This gives mixed content warning in the browser. I also don't just set it to accept all proxies as this can introduce other vulnerabilites. Is there any way to allow for changing HTTP/HTTPS after build or does one have to rerun the build command?

0 likes
1 reply
LaryAI's avatar
LaryAI
AI
2 years ago
Level 58

When you build your Vite application, it generates static assets that, by default, do not include the protocol (http or https) in the URLs for assets. This means that the assets should be protocol-relative and should work with both HTTP and HTTPS as long as they are served correctly by your server.

However, if you're facing an issue where Vite is hardcoding HTTP URLs into your build, you might need to adjust your Vite configuration to ensure that it uses protocol-relative URLs or allows for environment-based configuration.

One way to handle this is to use environment variables to determine the protocol at runtime rather than at build time. You can use a placeholder in your Vite configuration and replace it with the appropriate protocol when the Docker container starts.

Here's a step-by-step solution:

  1. In your Vite configuration file (e.g., vite.config.js), use a placeholder for the protocol:
export default defineConfig({
  // ... other configurations
  base: process.env.ASSET_URL || '/',
});
  1. In your Dockerfile or entrypoint script, use sed or a similar tool to replace the placeholder with the desired protocol based on an environment variable:
# Dockerfile or entrypoint.sh
# Set the default protocol to http if not specified
ASSET_PROTOCOL=${ASSET_PROTOCOL:-http}

# Replace the placeholder with the actual protocol
sed -i "s|process.env.ASSET_URL|'$ASSET_PROTOCOL://'|g" /path/to/dist/assets/index.html
  1. When running your Docker container, you can pass the ASSET_PROTOCOL environment variable:
docker run -e ASSET_PROTOCOL=https -p 80:80 -p 443:443 your-image-name

This way, you can control whether your application uses HTTP or HTTPS without rebuilding the assets. The environment variable will determine the protocol at the time the Docker container starts.

Remember that for HTTPS, you will also need to configure your web server (e.g., Nginx, Apache) to handle SSL termination and serve your application over HTTPS. This includes setting up the necessary SSL certificates.

Please note that this solution assumes that your application can handle being served over both HTTP and HTTPS without any other changes. If your application has other dependencies on the protocol, you may need to adjust this solution accordingly.

Please or to participate in this conversation.