To access a Refact server from anywhere on the internet, the reverse proxy needs to accept encrypted HTTPS requests and forward them via HTTP to the Refact server.
Transport encryption is not the only thing you need to make the connection secure — you also need to set a good password.
Self-Signed Certificate
You can generate a self-signed certificate in one command:
Of course it’s better to use a real certificate, because clients will be able to verify it, making
man-in-the-middle attacks impossible.
For a self-signed certificate, you will need to set “Allow insecure server connections when using SSL” option
in the IDE plugin settings.
Setting Up
The next command assumes you have nginx installed on your server.
It’s possible to try it your laptop as well (use brew install nginx on a macbook).
The daemon off; part allows nginx to run the the current console, so you can quickly stop and restart it.
An example of my_reverse_proxy.config that’s tested to work with Refact, with comments:
Debugging
Refact plugins use refact-lsp to communicate with the server. It starts together with the IDE as a subprocess. Here is a command to find it when it’s running:
You can quickly run refact-lsp in the terminal to see if your proxy works. If it doesn’t, you’ll see the error immediately:
where PATH_TO_BINARY you can copy-paste from the previous command. The line you are looking for is:
If that works, and it really has “https” in the address, then the proxy is working correctly!
If it doesn’t, you can look at the error message, and also you can try to fetch the same file using curl:
And compare the results. Please report any problems following this page!