problems with https

Open mamema opened this issue 3 years ago • 4 comments

Hi,

I'm using the latest version in a Docker container and I'm connecting via SSH to the host. As long as I'm in the LAN environment everything is working, including noVNC.

As this setup should run behind a proxy (HAPROXY) i've tried to follow this example: https://github.com/retspen/webvirtmgr/issues/253#issuecomment-36834638

but with https enabled it isn't working:

Also, it's odd that as soon as I'm changing

Websock public host

WS_PUBLIC_HOST = to.some.domain.name

Websock Certificate for SSL

WS_CERT = /etc/nginx/cert/cert.pem #cert created as of documentation

the processes are spawning and dying

So I'm stuck here. Any hints?

mamema avatar Aug 25 '21 16:08 mamema

Even though I have fixed the spawn errors (config typo in settings.py), it's still not working. It seems a widespread error with novncd via reverse proxies..... Tested with HAProxy and nginx, always getting the 1006 error in the browser. Whenever websockets and reverse proxy terms are used within Dr. Google, the solutions are not there.

mamema avatar Aug 27 '21 12:08 mamema

did you check these posts: https://github.com/retspen/webvirtcloud/issues/173

catborise avatar Aug 27 '21 12:08 catborise

Yes, I have configured everything back and forth according to those posts. Unfortunately it is not working. What I have learned during my 2 days of googling is that other non webvirtcloud users (for example proxmox) are also having problems, and it seems it has "something" to do with version. v4 (working) and v5 not working. As your link is a post from 2018, I guess this was the time where an older novnc release was still working.

Steps I have done:

Try 1 - leave nginx of webvirtcloud on port 80

  • publish port 80 and 6080 in docker
  • edit settings.py and modify:
      - WS_PUBLIC_PORT = 80
      - WS_PUBLIC_HOST = somedomain.com

..not working

Try 2 - leave nginx on port 80 but set everything else to cert based

  • copy wildcard cert.crt/cert.key via cat > into cert.pem
  • modify settings.py and modify
      - WS_PUBLIC_PORT = 80
      - WS_PUBLIC_HOST = somedomain.com
      - WS_CERT = /path/to/cert.pem
  • modify /opt/webvirtcloud/console/novncd
      - CERT = /path/to/cert.pem
  • modify /etc/supervisor.d/webvirtcloud.ini
      - add --cert /path/to/cert/cert.pem to novncd start path

..not working

Try 3 - change nginx of webvirtcloud to port 443

  • publish 443 also in docker
  • add certs to the appropriate area in webvirtcloud nginx
  • do everything else of try 2 except set WS_PUBLIC_PORT = 443

...not working

So I'm out of ideas....

mamema avatar Aug 27 '21 17:08 mamema

Hi, I just set this up using Nginx and SSL. WS_PUBLIC_PORT = 443 for me because I am accessing via HTTPS.

I don't think you require any cert info in your settings.py file because the certification, in my case, is handled by NGINX.

My nginx webvirtcloud.conf:

server {
    listen 80;
    server_name kvm.xxx.com;
    return 302 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name kvm.xxx.com;
    client_max_body_size 50M;
    include snippets/restrict.conf;
    server_tokens off;
    access_log /var/log/nginx/error.log;
    access_log /var/log/nginx/default.log;
    expires -1;
    include conf.d/security.conf;

    location /static/ {
        root /srv/webvirtcloud;
        expires max;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $remote_addr;
        proxy_set_header X-Forwarded-Ssl off;
        proxy_connect_timeout 1800;
        proxy_read_timeout 1800;
        proxy_send_timeout 1800;
        client_max_body_size 1024M;
    }

    location /novncd/ {
        proxy_pass http://127.0.0.1:6080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

upstream wsnovncd {
    server 127.0.0.1:6080;
}

*Note my certificate paths are in nginx.conf and look like this:

    ### SSL Settings

    ssl_certificate /etc/ssl/nginx/server.crt;
    ssl_certificate_key /etc/ssl/nginx/server.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

My settings.py file is default except for: WS_PUBLIC_PORT = 443

It all works.

Good luck.

cyberfarer avatar Apr 13 '22 23:04 cyberfarer
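
An added example, not part of the thread and not webvirtcloud's own code: a small Python lint that checks whether the WebSocket location of an nginx config (here /novncd/) forwards the upgrade handshake, and flags deprecated ssl_protocols values and an X-Forwarded-Proto header that does not carry the request scheme. SAMPLE is a constructed excerpt modelled on the config posted above, and the function names are this example's own.

```python
import re

# Constructed excerpt modelled on the proxy config in this thread (not the full file).
SAMPLE = """
server {
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Forwarded-Proto $remote_addr;
    }
    location /novncd/ {
        proxy_pass http://127.0.0.1:6080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
"""
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1: see RFC 8996

def location_blocks(conf):
    """Map each location path to its directives (token lists); flat blocks only."""
    return {m.group(1): [d.split() for d in m.group(2).split(";") if d.strip()]
            for m in re.finditer(r"location\s+(\S+)\s*\{([^{}]*)\}", conf)}

def audit(conf, ws_path="/novncd/"):
    """Return findings for the websocket location and the TLS/proxy headers."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop comments before tokenising
    findings = []
    m = re.search(r"ssl_protocols\s+([^;]+);", conf)
    for proto in (m.group(1).split() if m else []):
        if proto in DEPRECATED:
            findings.append(f"ssl_protocols enables deprecated {proto}")
    locs = location_blocks(conf)
    ws = locs.get(ws_path, [])  # a missing location reports all three checks below
    hdr = {d[1].lower(): d[2].strip('"').lower()
           for d in ws if d[0] == "proxy_set_header" and len(d) == 3}
    if ["proxy_http_version", "1.1"] not in ws:
        findings.append(f"{ws_path}: proxy_http_version 1.1 missing")
    if hdr.get("upgrade") != "$http_upgrade":
        findings.append(f"{ws_path}: Upgrade header not forwarded")
    if "upgrade" not in hdr.get("connection", ""):
        findings.append(f"{ws_path}: Connection upgrade not forwarded")
    for path, ds in locs.items():
        for d in ds:
            if len(d) == 3 and d[:2] == ["proxy_set_header", "X-Forwarded-Proto"] \
                    and d[2] not in ("$scheme", "https"):
                findings.append(f"{path}: X-Forwarded-Proto set to {d[2]}, not the scheme")
    return findings
```

Calling `audit(SAMPLE)` returns a list of findings; an empty list means the checked directives are in place.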