I have couchdb 1.2 running on the port 5984 by default and I’ve enabled the bind address 0.0.0.0 so that I can access the couch from the outside world. At the same time I’ve enabled the “required user” to true(which by defaults enables the basic auth for couchdb). I can access the couch from outside and I’m majorly using this for replication.
I have nginx in front of my application and so all the requests coming to http://example.com are reidrected to https://example.com and the requests are served by my passenger server which runs my rails application.
As I’ve enabled the couch from out side the world, currently I can access my couchdb either by http://ip_address:5984 or http://example.com:5984 (observer its not https).
I want to enable https to the requests which are served by couchdb. Couple of solutions which I’ve thought and will not be useful for me are –
1. Add a proxy to couchdb either through location ex: all requests to https://example.com/couchdb/ can be proxy passed to http://127.0.0.1:5984 (or)
2. Add a proxy by listen port ex: listen on a different port say “https://example.com:5985” and proxy pass the requests to http://127.0.0.1:5984.
3. I can’t listen to 5984 and proxy pass it to http://...:5984 as the port is already being used by couchdb.
Is there a way I can say nginx to proxy pass all the requests to port 5984 through https?
ie any requests to http://example.com:5984 should be redirected to http**s**://example.com:5984
I guess the simple answer for my question would be its not possible to proxy pass requests from
http://example.com:5984to {https://example.com:5984}. For solving this problem i’ve enabled default https for couch so i can access my couch only through {https://example.com:5984}. SSL for couch was implemented from couchdb1.1