Add documentation for self-signed cert healthchecks (#7397)

* Add documentation for self-signed cert healthchecks

Adds instruction to set NODE_EXTRA_CA_CERTS in docker-compose healthcheck commands so Node.js can trust the certificate.

* [autofix.ci] apply automated fixes

* fixup! Add documentation for self-signed cert healthchecks

* [autofix.ci] apply automated fixes

* Update Docker health checks with self-signed certs

If using self signed certs, comment the first test line and uncomment
the second test line.

* fixup! Update Docker health checks with self-signed certs

* fixup! Add documentation for self-signed cert healthchecks

* fixup! Update Docker health checks with self-signed certs

* [autofix.ci] apply automated fixes

* fixup! Add documentation for self-signed cert healthchecks

* fixup! Update Docker health checks with self-signed certs

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

Author: Kennedy242

packages/docs/docs/config/https.md

@@ -14,6 +14,15 @@ Use a self-signed certificate. This is the easiest way to get HTTPS working, but
 
 - A command line tool like [mkcert](https://github.com/FiloSottile/mkcert) can automate this process.
 - Alternately, you can manually generate the certificates. Install OpenSSL for your operating system, then run `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout selfhost.key -out selfhost.crt` in a terminal to generate the certificate and private key. You'll need to enter a two-letter country code to get the `.crt` file to be generated, but you can leave the rest of the fields blank (just hit enter at each prompt). Move the `selfhost.key` and `selfhost.crt` files to a location accessible to the Actual server.
+- When using a self-signed certificate, you may need to update the health check test command in your docker-compose.yml file to ensure it trusts the certificate. Add the `NODE_EXTRA_CA_CERTS=/data/selfhost.crt` environment variable to the health check command:
+
+  ```yaml
+  test:
+    [
+      'CMD-SHELL',
+      'NODE_EXTRA_CA_CERTS=/data/selfhost.crt node src/scripts/health-check.js',
+    ]
+  ```
 
 ### Obtain a certificate without exposing to the internet
 

packages/sync-server/docker-compose.yml

@@ -22,6 +22,8 @@ services:
     healthcheck:
       # Enable health check for the instance
       test: ['CMD-SHELL', 'node src/scripts/health-check.js']
+      # health check using self signed certs
+      # test: ['CMD-SHELL', 'NODE_EXTRA_CA_CERTS=/data/selfhost.crt node src/scripts/health-check.js']
       interval: 60s
       timeout: 10s
       retries: 3

upcoming-release-notes/7397.md

@@ -0,0 +1,6 @@
+---
+category: Maintenance
+authors: [Kennedy242]
+---
+
+Add documentation for configuring Docker health checks with self-signed certificates using `NODE_EXTRA_CA_CERTS`.