Skip to content

add SSL toggle and evidence image support#3

Open
TheGr3atJosh wants to merge 1 commit intoValienteTechnologies:mainfrom
TheGr3atJosh:feat/ssl-and-evidence
Open

add SSL toggle and evidence image support#3
TheGr3atJosh wants to merge 1 commit intoValienteTechnologies:mainfrom
TheGr3atJosh:feat/ssl-and-evidence

Conversation

@TheGr3atJosh
Copy link
Copy Markdown

@TheGr3atJosh TheGr3atJosh commented Apr 14, 2026
edited
Loading

Summary

  • This PR allow Ghostbadger to work with locally installed instances of Ghostwriter
  • SSL verification toggleGHOSTWRITER_VERIFY_SSL=false disables cert checking for self-signed Ghostwriter certs
  • Evidence images in PDFsfetch_evidence tries HTTP (JWT Bearer to /media/) first; if that fails and GHOSTWRITER_MEDIA_PATH is set, falls back to reading
    directly from a mounted media volume (useful for local Docker deployments where Ghostwriter runs on the same host)
  • compose.yaml — all optional config commented out by default; both evidence approaches documented inline

Configuration

Remote Ghostwriter — no changes needed; HTTP fetch works automatically once ALLOWED_HOSTS includes the ghostbadger host.

Local Docker (same host) — uncomment three lines in compose.yaml:

- GHOSTWRITER_MEDIA_PATH=/ghostwriter_media                                                                                                                                 
# ...                                      
- ghostwriter_production_data:/ghostwriter_media:ro                                                                                                                         
# ...                                                     
volumes:                               
  ghostwriter_production_data:                                                                                                                                              
    external: true

Test plan

  • Render a report with evidence images — confirm they appear in the PDF
  • Set GHOSTWRITER_VERIFY_SSL=false — confirm self-signed cert no longer blocks requests
  • Without volume mount — confirm HTTP fetch is attempted and gracefully falls back

🤖 Generated with Claude Code

@TheGr3atJosh @claude
add SSL toggle and evidence image support
fd31a09 
- GHOSTWRITER_VERIFY_SSL env var to disable SSL verification for
  self-signed Ghostwriter certs (default: true)
- Restore fetch_evidence in GhostwriterClient; use auth-only headers
  on media GET requests (Content-Type: application/json caused 400s)
- evidence.py tries HTTP fetch first, falls back to direct volume read
  when GHOSTWRITER_MEDIA_PATH is set (local Docker deployments)
- WeasyPrint resource fetcher returns a transparent 1x1 PNG for missing
  evidence so PDF generation does not abort on fetch failures
- compose.yaml documents both evidence approaches; all optional config
  commented out by default

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TheGr3atJosh