Re: Openmeetings Docker behind reverse proxy
Hi, Please try my config for proxy pass in nginx. My nginx listen port 2443 with ssl, openmeetings runs in docker with standart ports exposed: server { listen 2443 ssl http2; listen [::]:2443 ssl http2; server_name localhost; location /openmeetings { proxy_pass https://localhost:5443/openmeetings; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } You can also add kurento if you wish: location /kurento { # prevents 502 bad gateway error proxy_buffers 8 32k; proxy_buffer_size 64k; # redirect all HTTP traffic to localhost:8088; proxy_pass http://127.0.0.1:/kurento; # enables WS support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 9; } On Thu, Apr 2, 2020 at 3:01 PM Arndt, Wolfgang wrote: > > Hi, > > when i read this right i have to modify conf/jee-container.xml > > in the container. > > I cannot find a file like that in there. > > > > Second: I have to proxy websockets, too. > > > > I have no idea, how to doi this with > https://github.com/nginx-proxy/nginx-proxy > > > > Wolfgang > > > > > > > > > > > Von: Maxim Solodovnik > Gesendet: Donnerstag, 2. April 2020 13:51 > An: Openmeetings user-list > Betreff: Re: Openmeetings Docker behind reverse proxy > > > > https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass > > + search in this ML :))) > > > > On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote: > > Hi, > > my Openmeetings docker is working now. So i took the next step: > > > > I use the nginx-letsencrypt ssl proxy > (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to > auto-generate certs. This is working with other containers. > > > > As in the grafana expample from the page above , i start the OM-Docker > container with an additional -e "VIRTUAL_PORT=5080" > > > > Now i can connect via the proxy to my OM container, the login page opens but > i cannot login. > > > > > > INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 > [nio-5080-exec-6] - Possible CSRF attack, request URL: > http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, > Origin: https://om.x.de, action: aborted with error 400 Origin does not > correspond to request > > > > > > Wolfgang > > > > > -- > > WBR > Maxim aka solomax
Re: Openmeetings Docker behind reverse proxy
This detailed how-to is for version 4.0.x I have asked multiple times to ask SO question so I can put up-to-date 5.0.x config, but no question :) please search mailing list https://openmeetings.markmail.org/ server.xml need to be modified According to nginx: I'm not an expert here :( On Thu, 2 Apr 2020 at 20:01, Arndt, Wolfgang wrote: > Hi, > > when i read this right i have to modify conf/jee-container.xml > > in the container. > > I cannot find a file like that in there. > > > > Second: I have to proxy websockets, too. > > > > I have no idea, how to doi this with > https://github.com/nginx-proxy/nginx-proxy > > > > Wolfgang > > > > > > > > > > > *Von:* Maxim Solodovnik > *Gesendet:* Donnerstag, 2. April 2020 13:51 > *An:* Openmeetings user-list > *Betreff:* Re: Openmeetings Docker behind reverse proxy > > > > > https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass > > + search in this ML :))) > > > > On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang > wrote: > > Hi, > > my Openmeetings docker is working now. So i took the next step: > > > > I use the nginx-letsencrypt ssl proxy ( > https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to > auto-generate certs. This is working with other containers. > > > > As in the grafana expample from the page above , i start the OM-Docker > container with an additional -e "VIRTUAL_PORT=5080" > > > > Now i can connect via the proxy to my OM container, the login page opens > but i cannot login. > > > > > > INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 > [nio-5080-exec-6] - Possible CSRF attack, request URL: > http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, > Origin: https://om.x.de, action: aborted with error 400 Origin does > not correspond to request > > > > > > Wolfgang > > > > > -- > > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
AW: Openmeetings Docker behind reverse proxy
Hi, when i read this right i have to modify conf/jee-container.xml in the container. I cannot find a file like that in there. Second: I have to proxy websockets, too. I have no idea, how to doi this with https://github.com/nginx-proxy/nginx-proxy Wolfgang Von: Maxim Solodovnik Gesendet: Donnerstag, 2. April 2020 13:51 An: Openmeetings user-list Betreff: Re: Openmeetings Docker behind reverse proxy https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass + search in this ML :))) On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote: Hi, my Openmeetings docker is working now. So i took the next step: I use the nginx-letsencrypt ssl proxy (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to auto-generate certs. This is working with other containers. As in the grafana expample from the page above , i start the OM-Docker container with an additional -e "VIRTUAL_PORT=5080" Now i can connect via the proxy to my OM container, the login page opens but i cannot login. INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 [nio-5080-exec-6] - Possible CSRF attack, request URL: http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, Origin: https://om.x.de, action: aborted with error 400 Origin does not correspond to request Wolfgang -- WBR Maxim aka solomax
Re: Openmeetings Docker behind reverse proxy
https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass + search in this ML :))) On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote: > Hi, > > my Openmeetings docker is working now. So i took the next step: > > > > I use the nginx-letsencrypt ssl proxy ( > https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to > auto-generate certs. This is working with other containers. > > > > As in the grafana expample from the page above , i start the OM-Docker > container with an additional -e "VIRTUAL_PORT=5080" > > > > Now i can connect via the proxy to my OM container, the login page opens > but i cannot login. > > > > > > INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 > [nio-5080-exec-6] - Possible CSRF attack, request URL: > http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, > Origin: https://om.x.de, action: aborted with error 400 Origin does > not correspond to request > > > > > > Wolfgang > -- WBR Maxim aka solomax
Openmeetings Docker behind reverse proxy
Hi, my Openmeetings docker is working now. So i took the next step: I use the nginx-letsencrypt ssl proxy (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to auto-generate certs. This is working with other containers. As in the grafana expample from the page above , i start the OM-Docker container with an additional -e "VIRTUAL_PORT=5080" Now i can connect via the proxy to my OM container, the login page opens but i cannot login. INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 [nio-5080-exec-6] - Possible CSRF attack, request URL: http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, Origin: https://om.x.de, action: aborted with error 400 Origin does not correspond to request Wolfgang