Building a secure web application is essential for protecting user data and ensuring reliable service. In this tutorial, we will guide you through creating a secure Actix Web app using Docker containers. This step-by-step guide is designed for developers familiar with Rust and Docker basics.

Prerequisites

  • Rust installed on your machine
  • Docker and Docker Compose installed
  • Basic knowledge of Rust programming
  • Familiarity with Docker concepts

Step 1: Create a New Actix Web Project

Start by creating a new Rust project using Cargo. Open your terminal and run:

cargo new actix_secure_app
cd actix_secure_app

Navigate into the project directory to begin development.

Step 2: Add Dependencies

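Edit your Cargo.toml file to include the necessary dependencies. The openssl feature of actix-web must be enabled, because the bind_openssl method used in Step 3 is only compiled in when that feature is set:

[dependencies]
actix-web = { version = "4", features = ["openssl"] }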
openssl = { version = "0.10", features = ["vendored"] }
dotenv = "0.15"

Step 3: Implement Secure Server

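Replace the contents of src/main.rs with the following code to set up an HTTPS server. The certificate and key paths are relative to the working directory, so the server must be started from the project root (or from /app inside the container):

use actix_web::{web, App, HttpResponse, HttpServer, Responder};
use openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};

// Handler for GET /
async fn index() -> impl Responder {
    HttpResponse::Ok().body("Secure Actix Web App")
}

#[actix_web::main]
async fn main() -> std::io::Result<()> {
    // Start from Mozilla's "intermediate" server-side TLS configuration.
    let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    // Load the private key and certificate chain generated in Step 4.
    // The server panics at startup if either file is missing or unreadable.
    builder.set_private_key_file("cert/key.pem", SslFiletype::PEM).unwrap();
    builder.set_certificate_chain_file("cert/cert.pem").unwrap();

    HttpServer::new(|| {
        App::new()
            .route("/", web::get().to(index))
    })
    // Listen on all interfaces so the port published by Docker is reachable.
    .bind_openssl("0.0.0.0:8443", builder)?
    .run()
    .await
}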

Step 4: Generate SSL Certificates

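Use OpenSSL to generate a self-signed certificate for development purposes. The -nodes option writes the private key to disk unencrypted, so keep the cert directory out of version control: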

mkdir cert
openssl req -x509 -newkey rsa:4096 -keyout cert/key.pem -out cert/cert.pem -days 365 -nodes -subj "/CN=localhost"

Step 5: Create Dockerfile

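In the project root, create a Dockerfile with the following content. COPY . . copies the entire build context into the image, so list cert/ in a .dockerignore file to keep the private key out of the image layers; the certificates are supplied at runtime by the volume mount in Step 6. For reproducible builds, pin the base image to a specific version tag instead of latest.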

FROM rust:latest

WORKDIR /app

COPY . .

RUN cargo build --release

EXPOSE 8443

CMD ["./target/release/actix_secure_app"]

Step 6: Docker Compose Setup

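Create a docker-compose.yml file to define the service. Only the cert directory is mounted, and it is mounted read-only; mounting the whole project directory over /app would hide the binary that was built into the image:

version: '3.8'

services:
  web:
    build: .
    ports:
      - "8443:8443"
    volumes:
      # Certificates only, read-only inside the container
      - ./cert:/app/cert:ro
    environment:
      - RUST_LOG=info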

Step 7: Build and Run the Application

Build your Docker image and start the container:

docker-compose build
docker-compose up

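The server now serves HTTPS on port 8443. Because the certificate is self-signed, browsers and other clients will report it as untrusted unless cert/cert.pem is explicitly added as a trusted certificate.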

Additional Security Measures

For production deployment, consider obtaining certificates from a trusted Certificate Authority (CA) and configuring your server accordingly. Also, implement security headers and proper environment variable management.
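
The environment variable management mentioned above, as an added example that is not part of the original tutorial: a standard-library-only loader that takes the bind address and certificate paths hardcoded in Step 3 from the environment and refuses to start when a value is missing or the private key is accessible to other users. The variable names APP_BIND_ADDR, TLS_CERT_PATH and TLS_KEY_PATH, and the names TlsConfig, load_tls_config and key_is_private, are assumptions made for this example.

```rust
use std::{fs, net::SocketAddr, path::PathBuf};

/// Settings that Step 3 hardcodes, loaded from the environment instead.
#[derive(Debug)]
pub struct TlsConfig {
    pub bind_addr: SocketAddr,
    pub cert_path: PathBuf,
    pub key_path: PathBuf,
}

// True when neither group nor other has any permission bit on the key file.
#[cfg(unix)]
fn key_is_private(meta: &fs::Metadata) -> bool {
    use std::os::unix::fs::PermissionsExt;
    meta.permissions().mode() & 0o077 == 0
}
#[cfg(not(unix))]
fn key_is_private(_meta: &fs::Metadata) -> bool { true } // no mode bits to check

/// `get` looks up one variable; pass `|k| std::env::var(k).ok()` in production.
/// The variable names are assumptions made for this example.
pub fn load_tls_config(get: impl Fn(&str) -> Option<String>) -> Result<TlsConfig, String> {
    // Fail closed: an unset or blank variable is an error, never a default.
    let require = |name: &str| {
        get(name)
            .filter(|v| !v.trim().is_empty())
            .ok_or_else(|| format!("{} is not set", name))
    };
    let bind_addr: SocketAddr = require("APP_BIND_ADDR")?
        .parse()
        .map_err(|e| format!("APP_BIND_ADDR must be ip:port: {}", e))?;
    let cert_path = PathBuf::from(require("TLS_CERT_PATH")?);
    let key_path = PathBuf::from(require("TLS_KEY_PATH")?);
    // Both files must exist before the listener is started.
    fs::metadata(&cert_path).map_err(|e| format!("{}: {}", cert_path.display(), e))?;
    let key_meta = fs::metadata(&key_path).map_err(|e| format!("{}: {}", key_path.display(), e))?;
    if !key_is_private(&key_meta) {
        return Err(format!("{} is accessible to group/other", key_path.display()));
    }
    Ok(TlsConfig { bind_addr, cert_path, key_path })
}

fn main() {
    match load_tls_config(|k| std::env::var(k).ok()) {
        Ok(cfg) => println!("TLS configuration accepted: {:?}", cfg),
        Err(e) => { eprintln!("refusing to start: {}", e); std::process::exit(1) }
    }
}
```

The returned paths can be passed to set_private_key_file and set_certificate_chain_file, and bind_addr to bind_openssl, in place of the literals in Step 3.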

Conclusion

This tutorial demonstrated how to create a secure Actix Web application using Docker containers. By integrating SSL certificates and containerization, you can enhance your application's security and portability.