sshwifty icon indicating copy to clipboard operation
sshwifty copied to clipboard
verified publisher icon nirui

Changes to address reverse proxy changes

Open lucianor opened this issue 2 years ago • 1 comments

This removes the /sshwifty/ folder from the HTML, server code and js configs to address this feature request.

https://github.com/nirui/sshwifty/issues/139

I have not tested this change yet.

lucianor avatar Jun 21 '23 15:06 lucianor

Reopening this pull request with additional changes to app.js to account for the pathname during websocket calls. With these additional changes, one can reverse proxy sshwifty to any folder they desire and by using any web server. These changes have been tested. I ran sshwifty on my local server and tested a reverse proxy on a valid domain with TLS with multiple web servers (caddy, nginx, apache and lighttpd) on my VPS - both servers are connected with openVPN.

See configs used below, assuming sshwifty would be available under "/ssh" path, and sshwifty is running under 10.8.0.2 port 8182. I listed them by ease to deploy:

caddy - add to your Caddyfile

handle_path /ssh/* {
   reverse_proxy 10.8.0.2:8182
}

lighttpd - any .conf file under /etc/lighttpd/conf-enabled

server.modules += (
        "mod_auth",
        "mod_proxy",
        "mod_setenv"
)

$HTTP["url"] =~ "^/ssh($|/)" {
        proxy.header = ( "upgrade" => "enable", "map-urlpath" => ("/ssh"  => "") )
        proxy.server = ( "" => ( ( "host" => "10.8.0.2", "port" => 8182) ) )
}

nginx - put it under 'default' or another file /etc/nginx/sites-enabled

location /ssh/ {
	rewrite ^/ssh(.*) $1 break;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Host $host;
	proxy_pass http://10.8.0.2:8182;
}

apache 2 - need to enable rewrite and proxy modules and add to a config under /etc/apache2/sites-enabled

  RewriteEngine On
  ProxyPreserveHost On
  ProxyRequests Off

  RewriteEngine On
  RewriteCond %{HTTP:Upgrade} =websocket [NC]
  RewriteRule /ssh/(.*)           ws://10.8.0.2:8182/$1 [P,L]
  RewriteCond %{HTTP:Upgrade} !=websocket [NC]
  RewriteRule /ssh/(.*)           http://10.8.0.2:8182/$1 [P,L]

  ProxyPass "/ssh" "http://10.8.0.2:8182"
  ProxyPassReverse "/ssh" "http://10.8.0.2:8182"

  ProxyPass "/ssh/socket" "ws:///10.8.0.2:8182/socket"
  ProxyPassReverse "/ssh/socket" "ws://10.8.0.2:8182/socket"

lucianor avatar Jun 22 '23 18:06 lucianor