I just installed dump1090-fa and piaware on a Raspberry Pi 3 B, got it all working and synced to FlightAware. I would like to port forward my local web server so I can get to it externally but I really dislike unsecured connections. I have no problem creating a server cert with a DNS name and installing it in lighttpd but I don’t want to mess up the app-specific setup. Has anyone done this successfully and is willing to share the specific steps?
Thanks,
Erik
The dump1090-fa specific stuff is in this directory: /etc/lighttpd/conf-enabled
If you change the main configuration file you shouldn’t hurt it.
(Unless you delete the line including that directory in the main configuration file)
Yeah, I figured out most of it but some data is still sent in the clear, will need to investigate. I was just worried that apt-get package updates might overlay my changes, was thinking there might be a sanctioned config option to support https (imho everything should support https by default).
If you make changes in /etc then they won’t get blindly overwritten on package upgrade (apt will prompt you if upstream has made changes)
There should be no obstacles to configuring https if you want it, please let me know if you run into anything in the packaging that makes this hard. Supporting https as the default config is another question, it’d be a much larger support burden (e.g. shipping a Let’s Encrypt config and then trying to work out how to deal with almost every install being behind NAT and therefore inaccessible to the public internet…)