Integration Server Non-SSL setup


I try to get non-ssl access to the mender integration server.
In the official GitHub documentation it says that i could use docker-compose.non-ssl.yml which basically just exposes port 80 to 8090. That does NOT work because the nginx server for port 80 looks like this:

server {
        listen 80;

        server_name _;

        return 301 https://$http_host$request_uri;

It just redirects the traffic to https and your non-ssl traffic just ends here.

In order to fix this issue you could simply put all application specific nginx logic into the server block for port 80 and on the port 443 you do the ssl termination and proxy pass to localhost:80.
Also the server won’t start if you dont provide certificates even though you just want non-ssl traffic.
This could be solved by disabling the ssl server block if a specific environment variable is set (this will be easy since you already use openresty)
This environment variable also needs to ignore the cert verify in

Why do i even want non-ssl access ?
I currently want to implement the mender integration server in kubernetes / swarm / nomad. Typically in a cluster setup you run some other tools which handles ssl termination for you. For example Certbot / Traefik.
I also want to share the setup for these frameworks as a pull request on the upstream repo.

If you like my idea of handling the ssl termination i would provide you with the correct and nginx.conf for this setup because the repository for this is not open source. I would also do this change non-breaking so everything works just like right now, except you can simply disable ssl by setting one environment variable in the docker-compose file.

Is there general interest in this setup, and a chance that my changes will end up in the upstream repo ?

Best Regards,


Hello @breuerfelix

I confirm you the exposes the HTTP port from openresty to local port 9080, but as long as the virtual host configuration is not updated, accessing Mender via HTTP is not possible. The only way to solve your issue now is to override/patch the openresty/nginx configuration file in your container to configure it to serve Mender using HTTP.

The configuration can be improved; contributions are always welcome. This specific point is in the roadmap, indeed, but it is unlikely it will be part of our next release, Mender 2.3.

Best regards.

Hey @tranchitella

I currently patch the nginx.conf but this requires another file mount. File mounts are not that good for cluster setups cause thats requiring a custom image which needs to be updated if you update the upstream or a shared drive.

Thanks for your response! What is the proper way for me to contribute ?
Is the source really closed or am i just not finding the correct repo ?

If it is closed source, where could i provide you with the sources ? Is this the right place here ?


Hello @breuerfelix,

the git repository for the api gateway is here:

Best regards,