Re: Openmeetings Docker behind reverse proxy
Hi,
Please try my config for proxy pass in nginx. My nginx listen port
2443 with ssl, openmeetings runs in docker with standart ports
exposed:
server {
listen 2443 ssl http2;
listen [::]:2443 ssl http2;
server_name localhost;
location /openmeetings {
proxy_pass https://localhost:5443/openmeetings;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
You can also add kurento if you wish:
location /kurento {
# prevents 502 bad gateway error
proxy_buffers 8 32k;
proxy_buffer_size 64k;
# redirect all HTTP traffic to localhost:8088;
proxy_pass http://127.0.0.1:/kurento;
# enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 9;
}
On Thu, Apr 2, 2020 at 3:01 PM Arndt, Wolfgang wrote:
>
> Hi,
>
> when i read this right i have to modify conf/jee-container.xml
>
> in the container.
>
> I cannot find a file like that in there.
>
>
>
> Second: I have to proxy websockets, too.
>
>
>
> I have no idea, how to doi this with
> https://github.com/nginx-proxy/nginx-proxy
>
>
>
> Wolfgang
>
>
>
>
>
>
>
>
>
>
> Von: Maxim Solodovnik
> Gesendet: Donnerstag, 2. April 2020 13:51
> An: Openmeetings user-list
> Betreff: Re: Openmeetings Docker behind reverse proxy
>
>
>
> https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass
>
> + search in this ML :)))
>
>
>
> On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote:
>
> Hi,
>
> my Openmeetings docker is working now. So i took the next step:
>
>
>
> I use the nginx-letsencrypt ssl proxy
> (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to
> auto-generate certs. This is working with other containers.
>
>
>
> As in the grafana expample from the page above , i start the OM-Docker
> container with an additional -e "VIRTUAL_PORT=5080"
>
>
>
> Now i can connect via the proxy to my OM container, the login page opens but
> i cannot login.
>
>
>
>
>
> INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779
> [nio-5080-exec-6] - Possible CSRF attack, request URL:
> http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage,
> Origin: https://om.x.de, action: aborted with error 400 Origin does not
> correspond to request
>
>
>
>
>
> Wolfgang
>
>
>
>
> --
>
> WBR
> Maxim aka solomax
Re: Openmeetings Docker behind reverse proxy
This detailed how-to is for version 4.0.x I have asked multiple times to ask SO question so I can put up-to-date 5.0.x config, but no question :) please search mailing list https://openmeetings.markmail.org/ server.xml need to be modified According to nginx: I'm not an expert here :( On Thu, 2 Apr 2020 at 20:01, Arndt, Wolfgang wrote: > Hi, > > when i read this right i have to modify conf/jee-container.xml > > in the container. > > I cannot find a file like that in there. > > > > Second: I have to proxy websockets, too. > > > > I have no idea, how to doi this with > https://github.com/nginx-proxy/nginx-proxy > > > > Wolfgang > > > > > > > > > > > *Von:* Maxim Solodovnik > *Gesendet:* Donnerstag, 2. April 2020 13:51 > *An:* Openmeetings user-list > *Betreff:* Re: Openmeetings Docker behind reverse proxy > > > > > https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass > > + search in this ML :))) > > > > On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang > wrote: > > Hi, > > my Openmeetings docker is working now. So i took the next step: > > > > I use the nginx-letsencrypt ssl proxy ( > https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to > auto-generate certs. This is working with other containers. > > > > As in the grafana expample from the page above , i start the OM-Docker > container with an additional -e "VIRTUAL_PORT=5080" > > > > Now i can connect via the proxy to my OM container, the login page opens > but i cannot login. > > > > > > INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 > [nio-5080-exec-6] - Possible CSRF attack, request URL: > http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, > Origin: https://om.x.de, action: aborted with error 400 Origin does > not correspond to request > > > > > > Wolfgang > > > > > -- > > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
AW: Openmeetings Docker behind reverse proxy
Hi, when i read this right i have to modify conf/jee-container.xml in the container. I cannot find a file like that in there. Second: I have to proxy websockets, too. I have no idea, how to doi this with https://github.com/nginx-proxy/nginx-proxy Wolfgang Von: Maxim Solodovnik Gesendet: Donnerstag, 2. April 2020 13:51 An: Openmeetings user-list Betreff: Re: Openmeetings Docker behind reverse proxy https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass + search in this ML :))) On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote: Hi, my Openmeetings docker is working now. So i took the next step: I use the nginx-letsencrypt ssl proxy (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to auto-generate certs. This is working with other containers. As in the grafana expample from the page above , i start the OM-Docker container with an additional -e "VIRTUAL_PORT=5080" Now i can connect via the proxy to my OM container, the login page opens but i cannot login. INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 [nio-5080-exec-6] - Possible CSRF attack, request URL: http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, Origin: https://om.x.de, action: aborted with error 400 Origin does not correspond to request Wolfgang -- WBR Maxim aka solomax
Re: Openmeetings Docker behind reverse proxy
https://stackoverflow.com/questions/51721771/apache-openmeetings-4-0-4-csrf-attack-when-using-apache2-as-proxypass + search in this ML :))) On Thu, 2 Apr 2020 at 18:19, Arndt, Wolfgang wrote: > Hi, > > my Openmeetings docker is working now. So i took the next step: > > > > I use the nginx-letsencrypt ssl proxy ( > https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to > auto-generate certs. This is working with other containers. > > > > As in the grafana expample from the page above , i start the OM-Docker > container with an additional -e "VIRTUAL_PORT=5080" > > > > Now i can connect via the proxy to my OM container, the login page opens > but i cannot login. > > > > > > INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 > [nio-5080-exec-6] - Possible CSRF attack, request URL: > http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, > Origin: https://om.x.de, action: aborted with error 400 Origin does > not correspond to request > > > > > > Wolfgang > -- WBR Maxim aka solomax
Openmeetings Docker behind reverse proxy
Hi, my Openmeetings docker is working now. So i took the next step: I use the nginx-letsencrypt ssl proxy (https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/) to auto-generate certs. This is working with other containers. As in the grafana expample from the page above , i start the OM-Docker container with an additional -e "VIRTUAL_PORT=5080" Now i can connect via the proxy to my OM container, the login page opens but i cannot login. INFO 04-02 10:59:37.346 o.a.w.p.h.CsrfPreventionRequestCycleListener:779 [nio-5080-exec-6] - Possible CSRF attack, request URL: http://om.x.de/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage, Origin: https://om.x.de, action: aborted with error 400 Origin does not correspond to request Wolfgang
