Replies: 1 comment 3 replies
-
This might not work correctly because you are proxying https://mydomain.com/mesh/ to http://127.0.0.1:4430/mesh/ You need to get nginx to remove to the /mesh/ at the end for the inside proxy I think it would be better to use a subdomain instead and get nginx to reverse that to https://127.0.0.1:4430/ |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Not sure where to post this, but this looks like a good spot. This is a general "Is this even possible?" type of question. I have a Linux server set up with proper DNS, SSL, etc. which is running an Nginx server as proxy. I also have Mattermost (OSS Slack-like server) running on port 8065 and Nginx re-routes 80 => 443 and does a proxy_pass of port 443 to 8065 for an SSL connection to Mattermost.
I'm trying to set up MeshCentral with Nginx so that the location "/mesh/" gets a proxy_pass from 443 to 4430, 80 to 800, etc. just like in the documentation. Problem is, I can get to the MeshCentral login screen and login but, once I login, I get the message "Unable to connect web socket, click to reconnect." with the proper "MeshCentral" header with a black background at the bottom. I see the leftmost bar ever so briefly when I click the login button, then it disappears and shows the black screen.
I've gone through all of the posts and set it up for websockets properly in my Nginx config:
proxy_pass http://127.0.0.1:4430/;
proxy_http_version 1.1;
# Allows websockets over HTTPS.
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_read_timeout 86400;
proxy_set_header Host $host;
I've also run MeshCentral in debug mode and I see no errors. But from what I've read, the MeshCentral clients need to access port 443. So the question becomes, since the Mattermost server also uses port 443, is what I'm trying to do even possible?
Here's the relevant section of my config.json:
"settings": {
"cert": "mesh.mydomain.com",
"WANonly": true,
"LANonly": false,
"TlsOffload": "127.0.0.1",
"_sessionKey": "myp@ssw0rd",
"port": 4430,
"aliasPort": 443,
"redirPort": 800,
"redirAliasPort":80,
"cookieIpCheck": false,
"AgentPong": 300
},
"domains": {
"": {
"certUrl": "https://127.0.0.1:443/",
"title": "MeshCentral",
"_title2": "MeshCentral Server",
"_minify": true,
"_newAccounts": true,
"_userNameIsEmail": true
}
},
Any help is GREATLY appreciated! I'm basically looking for confirmation (or not!) that this is even possible.
Beta Was this translation helpful? Give feedback.
All reactions