- We would need HTTPS to make transmission secure (and that’s cumbersome if you are self-hosting)
Itʼs pretty easy with Let’s Encrypt today. However, running Flask runserver
in a production environment is questionable, but thatʼs just the matter of documentation.
- Our watchers are very frequently sending heartbeats to aw-server, to do this locally is already rather expensive and doing so remotely would be even more so. We have plans to batch these heartbeats together before sending them off for performance optimization, but that work is not done.
Thereʼs a monitoring tool called Zabbix, which suffers from the same problem. To counter it, they made a component called Zabbix Proxy. It basically collects all monitoring event and sends them to the server in batches.
I was also thinking if authentication worths anything without the notation of users; and if that happens, one can also define machines, so a relationship can be made between users and machines, and machines and events. This, however, can make the whole architecture a lot more complicated.