From c0ddf5963416fdfc690859034ecd95baf66be821 Mon Sep 17 00:00:00 2001
From: Luke Imhoff <luke.imhoff@dockyard.com>
Date: Tue, 22 Jan 2019 10:04:35 -0600
Subject: [PATCH] Only use HTTPS for prod and dev so H2 will be used in
 browswer

Fixes #1322

All browsers require HTTPS for HTTP/2 requests.

To enable HTTPS in development:
1. `cd apps/block_scout_web`
2. `mix phx.gen.cert blockscout blockscout.local`
3. Add `blockscout` and `blockscout.local` to your `/etc/hosts`
4. If using Chrome, Enable chrome://flags/#allow-insecure-localhost.

In production, use LetsEncrypt or AWS cert infrastructure and set
environment variables:
* `SSL_CACERT_FILE`
* `SSL_CERT_FILE`
* `SSL_DHPARAM_FILE`
* `SSL_KEY_FILE`

https://blog.progressplum.app/ssl-migration-from-nginx-to-cowboy-2-in-phoenix-1-4/
is available as a guide if fronting with nginx.
---
 .gitignore                           | 3 +++
 apps/block_scout_web/config/dev.exs  | 6 ++++++
 apps/block_scout_web/config/test.exs | 2 +-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 55606b1502..b4d6d0f792 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,3 +39,6 @@ screenshots/
 
 # osx 
 .DS_Store
+
+# mix phx.gen.cert self-signed certs for dev
+/apps/block_scout_web/priv/cert
diff --git a/apps/block_scout_web/config/dev.exs b/apps/block_scout_web/config/dev.exs
index 2b50183667..8feafba7cb 100644
--- a/apps/block_scout_web/config/dev.exs
+++ b/apps/block_scout_web/config/dev.exs
@@ -8,6 +8,12 @@ use Mix.Config
 # with webpack to recompile .js and .css sources.
 config :block_scout_web, BlockScoutWeb.Endpoint,
   http: [port: 4000],
+  https: [
+    port: 4001,
+    cipher_suite: :strong,
+    certfile: "priv/cert/selfsigned.pem",
+    keyfile: "priv/cert/selfsigned_key.pem"
+  ],
   debug_errors: true,
   code_reloader: true,
   check_origin: false,
diff --git a/apps/block_scout_web/config/test.exs b/apps/block_scout_web/config/test.exs
index 72beec9ff4..1c695a15bc 100644
--- a/apps/block_scout_web/config/test.exs
+++ b/apps/block_scout_web/config/test.exs
@@ -5,7 +5,7 @@ config :block_scout_web, :sql_sandbox, true
 # We don't run a server during test. If one is required,
 # you can enable the server option below.
 config :block_scout_web, BlockScoutWeb.Endpoint,
-  http: [port: 4001],
+  http: [port: 4002],
   secret_key_base: "27Swe6KtEtmN37WyEYRjKWyxYULNtrxlkCEKur4qoV+Lwtk8lafsR16ifz1XBBYj",
   server: true