Trying start behind a reverse proxy... #4
Comments
|
I’m really not that familiar with reverse proxies, but if you figure it out let me know. I’ll leave this issue open and see if we can solicit some feedback from the community. |
|
@treyyoder Would it be possible to add a self signed cert and load apache with SSL, then the reverse proxy will work ( I think). |
|
ratnose, I use subdirectories so that my main Let's Encrypt cert works for anything I add. i.e. www.myserver.com is SSLd and so when I spun this up www.myserver.com/quake/ was signed as well. But, using apache as my reverse proxy, I just couldn't get it to work. What do I forward port 8080 or 27960? Both? I want to get this going so I can invite people but not need them to be on LAN. |
|
Hey all. Created an account to join in. I know ratnose from another group. I have a partly working nginx config to use with the QuakeJS container, however the problem is that I need to have SSL to SSL transfer of the files from Apache to Nginx. In the browser console, it is being blocked. Basically, it is an all or nothing approach with the HTTPS side to get it working with the reverse proxy. It is either all traffic between the Apache server to the Nginx server is over HTTPS, or it all has to be over HTTP. I feel a self signed cert would the way to go on the Apache server and to allow HTTPS on it rather than purely HTTP. If I can get my config working, I don't mind sharing what I have for those that would like to use it. |
|
@NitroBiedermann If you get your config working, I would be interested to use it. Currently, the game is accessible with the following URL: |
|
@nazarimilad I'll share once I have mine working when the internal Apache server has an SSL cert loaded. |
|
oke thanks! |
|
One thing that would probably fix the problem for all is to just use '//' instead of 'http://' or 'https://' when referencing scripts or building urls to call via javascript. It's an old trick and all browsers support it. It basically just tells the browser to use whatever protocol the page was loaded with. |
|
So I've gotten as far getting the JS logo to load on the webpage when running it behind traefikv2 with HTTPS enforced, I've been unable to get any further than that though unfortunately. Dropping my compose file for quake for anyone who may know more. `version: "3.8" QuakeJS - Quake JS serverservices: networks: |
|
The issue, at least from my Chrome debug console, is that apache needs to have SSL enabled with a self-signed cert. I'm at the same situation as you are with only the logo showing up behind my nginx reverse proxy. The browser logs will say that the scripts cannot be loaded from unsecured sources, aka from the apache server. |
|
I'm getting this from within firefox. Blocked loading mixed active content "http://192.168.1.121/assets/manifest.json" I believe it's because I'm forcing HTTPS but it pulls the content using http, not sure if there would be a good way of dealing with this. Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1/assets/manifest.json. (Reason: CORS request did not succeed). Seems that because the Apache server as you said is using HTTP you're unable to run the quake server using HTTPS. |
|
Basically the quick fix is to set your toml to load the QuakeJS server in HTTP only and then it works. In general, the content will need to load from HTTP to HTTP, or HTTPS to HTTPS. My problem is my nginx is using global configs that push everything to HTTPS and I really don't feel like redoing all of it just for QuakeJS when the easy fix would be to have the Apache load in HTTPS in addition to HTTP. |
|
Exactly my scenario, my traefik proxy redirects all http requests to https, not sure if I can have service specific setups created but ideally i'd rather it was all using https if I'm going to be sharing externally, otherwise i'll just host it locally :) |
|
Indeed, I would prefer to host it over HTTPS as well. For now, I can host it locally and it works just fine, but I'd like to share the link with a few people securely externally, however I can always wait for that. |
|
Would also love to be able to host for external users, rather than just local. I'm not very adept at all when it comes to this stuff though and mainly get by on spaceinvaderone tutorials. I thought I was going mad earlier before I found this post trying to get this to work through my reverse proxy. |
|
HTTPS please! |
|
I had assumed this would be easier for me to figure out, essentially you should be able to go into the container and follow this guide. https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04 Once thats all sorted out it should be easier to natively integrate it into the dockerfile. |
|
Has anyone tried using nginx? |
|
I tried nginx with no luck, i just get a JS logo. Id like to know what config to use if anyone figures it out. This is what im using now. server { ` |
|
Can't believe I commented two years ago and this issue is still floating around 😁. Anyways, there's nothing anyone can do to solve this. The problem is hard-coded "http://" links in the source code. The only way to fix it is to fork it and change the source code, or modify the returned html in flight as it is proxied. I know IIS can do some regex matching and replacement stuff, no idea if others (nginx, etc.) can as well. |
Have you had any luck getting this to work @professor-farnsworth? I attempted it ( see #12 ) with no joy. The other issue putting it behind nginx is |
|
I believe you can modify the contents using nginx. https://nginx.org/en/docs/http/ngx_http_sub_module.html Not sure about the CORS issue though. I haven't touched this much in a while though. |
|
You all aren't going to love this answer. However, it is an answer of sorts. Here's what I did:
It's not perfect but it's what I got. Cheers to a great game. |
|
Same problem. Using Traefik on truenas, so it's not as easy to change my proxy configs - I think this guy has the right idea but I haven't built the image and tried it yet - https://github.com/PrinzWalium/quakejs-docker-ssl |
|
I've built the image, and it still doesn't work with Traefik. |
Where would you do this change from HTTP? I installed this container on Unraid. Do I need to create my own docker container? |
|
@HotWinterDays, please try the changes in #24. This should allow for an easy reverse proxy setup. |
I can reach quakejs on LAN but not all I wanna frag is on LAN, so I thought hey lets give it a subdomain and let the carnage begin!
But oh now... localip:8080 works, nginx reverse proxy points to localip:8080 as so many other subdomains, but this gives me an forbidden error (111) and in the browser it says 502.
The text was updated successfully, but these errors were encountered: