Replies: 1 comment 2 replies
-
So the web app hosted on github pages would require the user to run a proxy on its local machine right? This proxy could be configured via a tdexdconnect URL string, or by providing the path to the macaroon and TLS cert files if needed. Anytime the user wanted to access the web-app UI, he should remember to start the proxy, shouldn't it? |
Beta Was this translation helpful? Give feedback.
-
|
We assume that who uses the app from Github Pages deployment, will paste the tdexconnect URL and the frontend via JavaScript will download the TLS certificate as file, so the user must double click and install in his system. Also in the desktop app, the user paste his tdexconnect URL, but does not need to store it & install, since the desktop app will store automatically in his own datadir using the filesystem API (ie. Tauri bridge). When run in desktop, the go proxy is packaged as sidecar, that will source from the well know datadir the TLS (and macaroon) certificate file to be passed to the gRPC client the proxy uses to call the |
Beta Was this translation helpful? Give feedback.
-
|
What you propose (web app on github pages and proxy on loclahost) is doable, the githiub pages will hardcode localhost, just not convenient imho: since user is about to download something (ie. proxy) let him download the whole web packaged as webview in a desktop app, so UX is more: download and click and you there. |
Beta Was this translation helpful? Give feedback.
-
Overview
The TDEX Daemon UI is a grpc-web client that connects to a
tdexdinstance and in order to securely encrypts the connection (especially if run on a remote instance) we use TLS self-signed certificate, which MUST be installed in the end-user system before he's able to securely use TLS termination from his browser (and not have browser complain about certificate not trusted, preventing API calls for CORS policies)Where we want to ship
We want to be able to ship the app to user in many ways, desktop app (compiled with Tauri?), web app on github pages and on the node-in-a-box projects (ie. Umbrel)
Solution
For the web app solution we can only teach users how to do this (easier path on us, more clunky pairing UX, especially if we serve in node-in-a-box project ie. Umbrel), but we can improve this shipping an extra binary for major platforms (MacOS, Linux and Windows) that works as gRPC-Web to gRPC proxy, which will listen for un-encrypted (and un-autheticated also?) calls from localhost and proxy them using a normal gRPC client (ie. written in golang since we have the tdex CLI?)
This same approach is used by Lightning Terminal, which does the following:
Desktop App with Tauri
We can make it this a bit easier (ie. without having the user to install a go binary manually) which is shipping the UI as dektop app with Tauri which is installable as "one-click" and package the go binary as a sidecar and use the internal bridge system to save in a well-known datadir the TLS so the go binary can access it (given in the UI pasted via
tdexdconnectURL)Browser app in Umbrel
In umbrel (and other solutions not docker based) where we have more flexibility, we will run a docker-compose with three services ideally:
tdexd,rpcproxyandtdex-daemon-uimanually and provide the right path for the proxy how to reach tdexd's datadir with the certificate/macaroonBeta Was this translation helpful? Give feedback.
All reactions