I brought up in our SysOps meeting this morning that I couldn't get
FOLIO to work with https.  I was confused and thinking of stripes as
running on the server for some reason rather than in the user's browser,
as Wayne reminded me it does.  I've since setup Apache as a reverse
proxy between okapi and the world.  I setup Apache to act as a reverse
proxy properly for port 9130 on the server using Apache's "Location"
directive for the path "/okapi", then changed my stripes.config.js and
re-ran the "yarn build output --sourcemap" command in my
"folio-testing-platform" directory, then deployed the output of that to
/var/www/folio-stripes-platform.

I should also mention that before I started working on this, I didn't
have any local firewall setup on my folio test server, so port 9130 was
open to the world (actually Lehigh's campus, since our campus border
firewall would block incoming stuff on 9130 from elsewhere).  As part of
setting up the reverse proxy, I figured I should setup a local firewall
to make sure the reverse proxy is working as intended (and just in
general).  When I did this, I suddenly started getting errors from
stripes saying it timed out trying to talk to okapi when I tried to log
into FOLIO.  When I looked at the firewall's logs I saw it blocking
traffic from 172.17.0.2.  I was briefly confused as to what that was
until I remembered that's an IP that's in the range the docker
containers use.  I made exceptions for ports 9130 (for okapi) and 5432
(for Postgres) for 172.17.0.0/24 on my FOLIO test server and that fixed
the problem.

I'm attaching the stripes.config.js that I used and the Apache
configuration I'm using for the reverse proxy.  In this configuration,
FOLIO  seems to be working fine.  TAMU folks -- you said SSL wasn't
working for you, right?  My setup is simpler, since it's just the one
node, but hopefully some of this is helpful.

-Chris

--
Christopher Creswell
Library and Technology Services
Sr. Library Systems Analyst
(610) 758-1432
ccc2@lehigh.edu