New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cockpit (252-1)doesn't work with Cloudflare Argo Tunneling #16396
Comments
I was able to fix this by telling Cloudflare not to verify the self-signed certificate Cockpit presents by default. I see the same error I got in your logs:
Try making the config look like this:
Loading a valid certificate into |
@a73x7 : Note that @CharlesGodwin used plain http between the proxy and port 9090 for cockpit, which is the recommended iteration. A major reason for using a reverse proxy in the first place is for the proxy to "take over" TLS. |
@CharlesGodwin , can you please open the JavaScript console (Ctrl+Shift+J) on the login page, and then see if you get some error message? |
The setting still applies, because the first thing cockpit does after you login is make a websocket connection to I would guess if they did that their error would be a failure to connect to |
You probably forgot to configure cockpit.conf for reverse proxy mode, i.e. |
Nice, I got it working without any TLS settings. I had configured my cockpit.conf following the NGINX guide, hadn't seen the Apache one. The trick seems to be in the |
It is resolved thanks to your help @martinpitt @a73x7 - hostname: cockpit.example.com service: https://localhost:9090 originRequest: noTLSVerify: true And then /etc/cockpit/cockpit.conf I had also done that but the filename had a trailing dot that didn't help Now all is good. I'm delighted. cat /etc/cockpit/cockpit.conf [WebService] Origins = https://dashboard.xxxxx.ca wss://dashboard.xxxxx.ca ProtocolHeader = X-Forwarded-Proto AllowUnencrypted = true |
Adding the following and restarting the cockpit services fixed the issue |
Cockpit version: 252-1
OS: Linux ubuntu-02 5.13.0-16-generic #16-Ubuntu SMP Fri Sep 3 14:53:27 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Page: N/A
I'm trying to put Cockpit behind a Cloudflare Tunnel. It sort of works as the login page appears, but then, after I enter my credentials, I get an empty page.
I have set config.yml of cloudflared I use
service: http://localhost:9090
and then I invoke it using https://dashboard.mydomain.com
This technique is working on other non-standard port tools such as grafana.
cockpit works properly when invoked directly, without Cloudflare tunnelling.
cockpit.log.gz
Steps to reproduce
I have set config.yml of cloudflared I use
service: http://localhost:9090
2.try to access using http://dashboard.mydomain.com
The text was updated successfully, but these errors were encountered: