Quickstart step 5: Configure HTTPS reverse proxy
Sourcegraph’s development environment ships with a Caddy 2 HTTPS reverse proxy that allows you to access your local sourcegraph instance via
https://sourcegraph.test:3443 (a fake domain with a self-signed certificate that’s added to
If you’d like Sourcegraph to be accessible under
https://sourcegraph.test (port 443) instead, you can set up authbind and set the environment variable
In order to configure the HTTPS reverse-proxy, you’ll need to edit
/etc/hosts and initialize Caddy 2.
sourcegraph.test needs to be added to
/etc/hosts as an alias to
127.0.0.1. There are two main ways of accomplishing this:
- Manually append
- Use the provided
./dev/add_https_domain_to_hosts.shconvenience script (sudo may be required).
> ./dev/add_https_domain_to_hosts.sh --- adding sourcegraph.test to '/etc/hosts' (you may need to enter your password) Password: Adding host(s) "sourcegraph.test" to IP address 127.0.0.1 --- printing '/etc/hosts' ... 127.0.0.1 localhost sourcegraph.test ...
Initialize Caddy 2
Caddy 2 automatically manages self-signed certificates and configures your system so that your web browser can properly recognize them. The first time that Caddy runs, it needs
root/sudo permissions to add
its keys to your system’s certificate store. You can get this out the way after installing Caddy 2 by running the following command and entering your password if prompted:
Note: If you are using Firefox and have a master password set, the following prompt will come up first:
Enter Password or Pin for "NSS Certificate DB":
Enter your Firefox master password here and proceed. See this issue on GitHub for more information.
You might need to restart your web browsers in order for them to recognize the certificates.