Skip to main content

Secure Lightdash with HTTPS

To run Lightdash in production it is highly recommended to secure it with HTTPS. This is usually done using your cloud provider's load balancer or ingress controller. Optionally you could use a proxy service like [nginx] (https://www.nginx.com/) or traefik.

Configuration options for HTTPS

# values.yaml
configMap:

  # Ensures all Lightdash links use https
  SITE_URL: https://lightdash.mycompany.com
  
  # Only allow cookies to be sent over HTTPS
  SECURE_COOKIES: "true"

  # (optional) allow http traffic behind a https enabled proxy
  TRUST_PROXY: "true"

# Depending on your ingress implemantation you may need to set the following
service:
  type: NodePort
  
# Example ingress controller configuration
ingress:
    enabled: true
    annotations: {}
    hosts:
      - host: lightdash.mycompany.com
        paths:
          - path: /*
            pathType: ImplementationSpecific
    tls:
      - hosts:
          - lightdash.mycompany.com
        secretName: lightdash-tls