Add security options for HTTPS and SSL verification

Co-authored-by: mblanke <9078342+mblanke@users.noreply.github.com>

README.md

@@ -81,17 +81,27 @@ Create a `config.json` file in the root directory:
     "host": "192.168.1.100",
     "port": 5000,
     "username": "your-username",
-    "password": "your-password"
+    "password": "your-password",
+    "useHttps": false
   },
   "unifi": {
     "host": "192.168.1.1",
     "port": 443,
     "username": "your-username",
-    "password": "your-password"
+    "password": "your-password",
+    "verifySsl": false
   }
 }
 ```
 
+**Configuration Options:**
+
+- **Synology**
+  - `useHttps`: Set to `true` to use HTTPS (recommended for production). Default: `false`
+  
+- **Unifi**
+  - `verifySsl`: Set to `true` if you have valid SSL certificates. Default: `false` (allows self-signed certificates)
+
 **Note:** Both Synology and Unifi are optional. The dashboard will work with just Docker if you don't configure them.
 
 ## 🎨 Features in Detail

config.example.json

@@ -3,12 +3,14 @@
     "host": "192.168.1.100",
     "port": 5000,
     "username": "your-username",
-    "password": "your-password"
+    "password": "your-password",
+    "useHttps": false
   },
   "unifi": {
     "host": "192.168.1.1",
     "port": 443,
     "username": "your-username",
-    "password": "your-password"
+    "password": "your-password",
+    "verifySsl": false
   }
 }

server.js

@@ -105,7 +105,7 @@ app.post('/api/docker/container/:id/:action', async (req, res) => {
 // Synology endpoints
 app.get('/api/synology/info', async (req, res) => {
   try {
-    const { host, port = 5000, username, password } = config.synology || {};
+    const { host, port = 5000, username, password, useHttps = false } = config.synology || {};
     
     if (!host || !username || !password) {
       return res.json({ 
@@ -114,9 +114,12 @@ app.get('/api/synology/info', async (req, res) => {
       });
     }
 
+    const protocol = useHttps ? 'https' : 'http';
+    
     // Login to Synology
+    // Note: Use HTTPS in production to protect credentials
     const loginResponse = await axios.get(
-      `http://${host}:${port}/webapi/auth.cgi`,
+      `${protocol}://${host}:${port}/webapi/auth.cgi`,
       {
         params: {
           api: 'SYNO.API.Auth',
@@ -139,7 +142,7 @@ app.get('/api/synology/info', async (req, res) => {
 
     // Get system info
     const infoResponse = await axios.get(
-      `http://${host}:${port}/webapi/entry.cgi`,
+      `${protocol}://${host}:${port}/webapi/entry.cgi`,
       {
         params: {
           api: 'SYNO.Core.System',
@@ -153,7 +156,7 @@ app.get('/api/synology/info', async (req, res) => {
 
     // Get storage info
     const storageResponse = await axios.get(
-      `http://${host}:${port}/webapi/entry.cgi`,
+      `${protocol}://${host}:${port}/webapi/entry.cgi`,
       {
         params: {
           api: 'SYNO.Core.System.Utilization',
@@ -181,7 +184,7 @@ app.get('/api/synology/info', async (req, res) => {
 // Unifi endpoints
 app.get('/api/unifi/devices', async (req, res) => {
   try {
-    const { host, username, password, port = 443 } = config.unifi || {};
+    const { host, username, password, port = 443, verifySsl = false } = config.unifi || {};
     
     if (!host || !username || !password) {
       return res.json({ 
@@ -191,9 +194,11 @@ app.get('/api/unifi/devices', async (req, res) => {
     }
 
     // Create axios instance with cookie jar
+    // Note: SSL verification is disabled by default for self-signed certificates
+    // Set verifySsl: true in config.json if you have proper certificates
     const api = axios.create({
       baseURL: `https://${host}:${port}`,
-      httpsAgent: new (require('https').Agent)({ rejectUnauthorized: false }),
+      httpsAgent: new (require('https').Agent)({ rejectUnauthorized: verifySsl }),
       timeout: 5000
     });