[Request/Done] Let's Encrypt Container


rix

Recommended Posts

On 3/6/2018 at 2:01 AM, dazzathewiz said:

 

So for Krusader - I got it to work (fixed the rolling gear) copying the settings under Nginx section in https://guacamole.apache.org/doc/gug/proxying-guacamole.html

(Note the docker runs guacamole)


location /guacamole/ {
    proxy_pass http://HOSTNAME:8080/guacamole/;
    proxy_buffering off;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    access_log off;
}

 

Hi, Could you post your config file? I tried doing this and it is not bringing me to anything. Just the default nginx page saying i need to configure more. Could you also let me know what filename you gave the config? Currently mine is: krusader.subdomain.conf and below is the content: 

 

server {
    listen 443 ssl;

    server_name ntkrusader.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;
    
    # enable for ldap auth, fill in ldap details in ldap.conf 
    #include /config/nginx/ldap.conf;

    location /guacamole/ {
    proxy_pass http://192.168.29.250:6080/guacamole/;
    proxy_buffering off;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    access_log off;
    }
}

 

Thanks ahead.

Link to comment
18 hours ago, Soldius said:

Hi, Could you post your config file? I tried doing this and it is not bringing me to anything. Just the default nginx page saying i need to configure more. Could you also let me know what filename you gave the config? Currently mine is: krusader.subdomain.conf and below is the content: 

 

server {
    listen 443 ssl;

    server_name ntkrusader.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;
    
    # enable for ldap auth, fill in ldap details in ldap.conf 
    #include /config/nginx/ldap.conf;

    location /guacamole/ {
    proxy_pass http://192.168.29.250:6080/guacamole/;
    proxy_buffering off;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    access_log off;
    }
}

 

Thanks ahead.

Hmmm... I prefer not to post my whole config, but here is the relevant parts I've pulled out of my config... this one is part of my default domain so it's not in a separate subdomain conf like yours is...

 

Are you getting an nginx error, or is it just not working when you hit https://yourdomain/guacamole/ ?

It may have to do with needing some of those variables configured... I can never remember every time I look at the file fresh it takes some time to remember what it does... :)

 

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;


# main server block
server {
	listen 443 ssl default_server;
	
	root /config/www;
	index index.html index.htm index.php;

	server_name _;

	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;

	client_max_body_size 0;



	# Krusader
    # -> https://guacamole.apache.org/doc/gug/proxying-guacamole.html
    location /krusader/ {
        include /config/nginx/proxy.conf;
        proxy_pass http://192.168.0.218:8088/;
        proxy_buffering off;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        access_log off;
	}
}


 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.