Page MenuHomePhabricator

Terminate Thumbor with SSL
Open, MediumPublic


In order to allow having Mediawiki talk directly to Thumbor for thumb.php, Thumbor needs to be available behind a secure connection. In the public thumbnail scenario that SSL termination is done at the Swift level, which is bypassed by thumb.php.

Related Objects

Event Timeline

Gilles created this task.Nov 16 2017, 3:15 PM
Gilles moved this task from Inbox to Radar on the Performance-Team board.Nov 20 2017, 9:17 PM
Gilles edited projects, added Performance-Team (Radar); removed Performance-Team.

@fgiunchedi I'd like to add private wiki support for Thumbor as a Q3 goal. Will you have the bandwidth to handle this task next quarter?

@Gilles if the scope is just securing thumbor with https then certainly. Do you envision any other help from ops besides e.g. build/deploy ?

I don't expect any other work, no. This task really is only about adding SSL termination to Thumbor, so that Mediawiki can talk to it directly securely, since in the private wiki/thumb.php scenario we're not going through the Swift proxy.

Yup seems simple enough!

Gilles moved this task from Backlog to Radar on the Thumbor board.Mar 14 2018, 7:35 AM
fgiunchedi moved this task from Backlog to Radar on the User-fgiunchedi board.May 13 2019, 8:59 AM
fgiunchedi removed fgiunchedi as the assignee of this task.Jul 19 2019, 9:31 AM
fgiunchedi removed a project: User-fgiunchedi.

Thumbor ownership has moved to service operations, unassigning

jijiki added a subscriber: jijiki.

TLS on haproxy it is then:)

jijiki moved this task from Backlog to Next up on the serviceops board.Jul 26 2019, 10:27 AM
Joe moved this task from Next up to Backlog on the serviceops board.Sep 11 2019, 7:20 AM
jijiki claimed this task.Sep 11 2019, 2:53 PM
Joe added a subscriber: Joe.Sep 16 2019, 3:04 PM

TLS on haproxy it is then:)

We're trying to standardize TLS termination on envoy, and I think we should concentrate on moving thumbor to kubernetes next.

@Joe we will be moving towards this direction

jijiki moved this task from Backlog/Radar to In Progress on the User-jijiki board.Oct 7 2019, 11:41 AM