-
Notifications
You must be signed in to change notification settings - Fork 4.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UI: Provide a path prefix #1382
Comments
This would be really nice to have, and also the ability to prefix the HTTP API. I used nginx proxy_pass for this. Provide a URI and it will rewrite the location. I'm not saying that it wouldn't be nice to have a prefix - it certainly would - but this is a workaround that will let you add /consul before the url. It should be something like:
One other problem I had is that the UI doesn't have any knowledge of a prefix for the |
Thanks @highlyunavailable ! That was very helpful. In case it helps anybody, I applied your workaround in HAProxy like so: frontend http-in
mode http
acl is_consul path_beg /consul/
acl is_consul path_beg /v1/
use_backend consul if is_consul
use_backend promdash if is_promdash
use_backend prometheus if is_prometheus
backend consul
mode http
reqrep ^([^\ ]*\ )/consul(.*) \1/ui\2
server 127.0.0.1:8500 |
+1 |
From TritonDataCenter/containerpilot#158:
What does HashiCorp think about this solution? I'd be happy to work on it if nobody else is/has. |
Hi, We have also a dirty proxy to mask /ui behind a /consul path but now that Nomad has an ui on /ui and /v1 too, we can't use both ui on the same domain name :( |
I'm working on doing exactly what everyone else here seems to be doing. While nginx's proxy_pass works for the basic /ui, as @highlyunavailable notes something else is definitely required to proxy /v1/ which does seem desireable. |
Same here.
Config:
Vault UI returns the same errors. |
It's strange that the |
Hi http://host/consul -> consul ui on consul you need these rules on traefik (port 8500)
On nginx (port 80)
Note that on /v1 reply nginx with 404, and on /v1/* reply consul Hope this help other people :) |
But remember this isn't really a solution because for example nomad and vault also expose |
Uhm probably for this particular case you could use multiple rules for every subpath of /v1/ |
@s-christoff Is there any movement on potentially fixing the |
Hey @pvandervelde, we have been discussing it internally a bit. It is a hefty undertaking and it's not currently on our timeline right now to tackle. There is the option of putting a http proxy in front of Consul if this is absolutely necessary for now, though. |
Fair enough. At the moment we just redirect the /v1 path to consul but that means we can't redirect it for nomad or vault (or any other tool that uses /v1) |
This is now possible with |
What's the usage? |
Looking at https://github.com/hashicorp/consul/pull/6601/files ... I'll have to test. I'm not sure this change is the intent of this issue. At a high level it looks like a rename of I would be serving all of the hashi services within the same proxy host as a frontend if I could do this. |
fwiw, this should probably be reopened (or a new issue created). Although For now, I still serve Consul UI on a dedicated port, but forward /ui requests to the servers and handle all the HTTPS API requests via the local Consul client. |
Instead of adding rules for each path, you can use this hack and make a rule based on a referer header which all the API calls include. This is a traefik 2 config: [http.routers]
[http.routers.nomad]
rule = "PathPrefix(`/ui`) || PathPrefix(`/v1/client/fs/cat`) || HeadersRegexp(`referer`, `https://domain.com/ui/.*`)"
priority = 1999 ## important because vault uses the same /ui prefix
service = "nomad"
[http.routers.nomad.tls]
[http.routers.consul]
rule = "PathPrefix(`/consul`) || HeadersRegexp(`referer`, `https://domain.com/consul/.*`)"
service = "consul"
[http.routers.consul.tls]
[http.routers.vault]
rule = "PathPrefix(`/ui/vault`) || HeadersRegexp(`referer`, `https://domain.com/ui/vault.*`)"
priority = 2000
service = "vault"
[http.routers.vault.tls] |
Ok I was able to solve this problem by adding the following entry to my
Now the UI opens well in the browser when consul router is configured as in #1382 (comment) |
Hi,
I'm trying to get the UI served from behind HAProxy, similar to https://github.com/prometheus/promdash#deploy-behind-a-reverse-proxy:
In the end, I'd like to be able to access many services on the same domain & port, but separated by url like so:
<domain>/consul
<domain>/prometheus
<domain>/promdash
These will be routed to the correct backend servers/ports (8500, 9090, 3000) in this case.
The problem is of course that the UI will promote links without knowledge of the
/consul
prefix. I've searched documentation and issue tracker but could not find anything relevant.Is there a way I could tell the Consul UI to prefix all its links similar to how prometheus / promdash do it?
The text was updated successfully, but these errors were encountered: