add custom SSL configuration page

AlexIchenskiy · AlexIchenskiy · commit c145099b6436 · 2024-11-05T10:15:25.000+01:00
diff --git a/pages/data-visualization/install-and-connect.mdx b/pages/data-visualization/install-and-connect.mdx
@@ -261,6 +261,9 @@ Configure Memgraph Lab using the following environment variables when running it
 | `QUICK_CONNECT_MG_IS_ENCRYPTED`          | Turn SSL on/off for quick connect                                                                                                                                       | `boolean`  | `false`            |
 | `PORT`                                   | Lab app default listening port                                                                                                                                          | `integer`  | `3000`             |
 | `REQUEST_BODY_LIMIT_MB`                  | Limit for request body size in MB                                                                                                                                       | `integer`  | `20`               |
+| `SSL_IS_ENABLED`                         | Enable or disable SSL                                                                                                                                                   | `boolean`  | `false`            |
+| `SSL_CERT_PATH`                          | Path to SSL certificate to be used                                                                                                                                      | `string`   | `./ssl/cert.pem`   |
+| `SSL_KEY_PATH`                           | Path to SSL key to be used                                                                                                                                              | `string`   | `./ssl/key.pem`    |
 | `STORAGE_MG_HOST`                        | `(Enterprise only)` Memgraph host for the Lab remote storage                                                                                                            | `string`   |                    |
 | `STORAGE_MG_PORT`                        | `(Enterprise only)` Memgraph port for the Lab remote storage                                                                                                            | `number`   |                    |
 | `STORAGE_MG_IS_ENCRYPTED`                | `(Enterprise only)` Memgraph SSL on/off for the Lab remote storage                                                                                                      | `boolean`  |                    |
diff --git a/pages/data-visualization/user-manual/custom-ssl-certificates.mdx b/pages/data-visualization/user-manual/custom-ssl-certificates.mdx
@@ -0,0 +1,85 @@
+---
+title: Custom SSL certificates
+description: Use your own SSL certificate to use Memgraph Lab with HTTPS protocol.
+---
+
+## Instantiating Memgraph Lab with Custom SSL Certificate
+
+Memgraph Lab supports using custom SSL certificates, ensuring secure communication over HTTPS. To set up 
+SSL on Memgraph Lab you will need to configure a Dockerfile using a valid SSL certificate.
+
+### Options for Generating SSL Certificates
+
+You have several options for generating SSL certificates:
+
+#### OpenSSL
+OpenSSL is a widely used tool for generating SSL certificates. You can create a self-signed certificate using the following commands:
+
+1. Generate a private key:
+  ```bash
+    openssl genrsa -out key.pem 2048
+  ```
+
+2. Generate a self-signed certificate:
+  ```bash
+    openssl req -new -x509 -key key.pem -out cert.pem -days 365
+  ```
+
+However, this option has an expiration date and is not signed by a publicly trusted 
+[certificate authority](https://en.wikipedia.org/wiki/Certificate_authority), which means 
+you will most likely receive a security warning from your browser while using it.
+
+#### Let's Encrypt
+[Let's Encrypt](https://letsencrypt.org/) is a free, automated, and open certificate authority 
+that provides SSL certificates. You can use tools like Certbot to obtain and install certificates. 
+To use Let's Encrypt:
+
+1. Install Certbot.
+2. Run Certbot to obtain your certificates:
+  ```bash
+    sudo certbot certonly --standalone -d yourdomain.com
+  ```
+
+This will generate your SSL certificate and key, typically located in 
+`/etc/letsencrypt/live/yourdomain.com/`.
+
+### Dockerfile setup
+
+To run Memgraph Lab with custom SSL certificates, you need to create a 
+Dockerfile that specifies how to build the Docker image with your certificates.
+
+You will need to set the `SSL_CERT_PATH` and `SSL_KEY_PATH` environment variables 
+to override the default `./ssl/` path used by Lab running in the container to 
+determine the SSL certificate location. After that, you should copy your certificates
+(located in the `ssl` folder at the same location as your `Dockerfile`, for example) 
+into the container at the specified path.
+
+#### Example Dockerfile
+```docker
+FROM memgraph/lab:latest
+
+# Environment variables
+ENV SSL_IS_ENABLED=true
+ENV SSL_CERT_PATH=./myssl/cert.pem
+ENV SSL_KEY_PATH=./myssl/key.pem
+
+# COPY source_on_your_machine destination_in_container
+COPY ssl/ ./myssl/
+
+EXPOSE 3000
+```
+
+#### Building and Running the Docker Container
+
+1. **Create the SSL Directory**: Make sure your SSL certificate and key are placed 
+in a directory specified as `COPY` source in your Dockerfile.
+
+2. **Build the Docker Image**: Run the following command to build your Docker image:
+   `docker build -t memgraph-lab-ssl .`
+
+3. **Run the Docker Container**: Start the container using the following command:
+   `docker run -p 3000:3000 memgraph-lab-ssl`
+
+4. **Access Memgraph Lab**: You can now access Memgraph Lab in your web browser at 
+`https://localhost:3000`. Ensure to configure your browser to trust the self-signed 
+certificate if you are using one.
