Comments (28)
Sorry for the late reply
Do the usual stuff for a host entry, leave custom locations empty, and then replace <server_ip> and add the below to the advanced section of Nginx Proxy Manager for the host
proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_ssl_server_name on; location /web/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection \"upgrade\"; proxy_redirect http:// https://; proxy_pass http://<server_ip>:8090/web/; } location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection \"upgrade\"; add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; proxy_redirect http:// https://; proxy_buffering off; proxy_intercept_errors on; proxy_http_version 1.1; proxy_pass http://<server_ip>:8088/; }
excuse me,i have try several times to put this into Custom Nginx Configuration
but it warming : Please note, that any add_header or set_header directives added here will not be used by nginx. You will have to add a custom location '/' and add the header in the custom config there.
the both proxy_pass settings had been changed to my container ip and port
the container is running ,web up, but the api test failed
i dont konw what should i do now, so plagued
i used Nginx Proxy Manager
Looking forward to your help
from headscale-ui.
For someone who also runs into the same issue as I did, I have to trun OFF the "Cache Assets" for the proxy host and things would work without any tricks.
It's actually because assets go to different location which doesn't recognize the /web path:
from headscale-ui.
As I do not actively use nginx proxy manager, and given the lack of supporting detail, I don't have an answer for you.
Information about security can be found in SECURITY.MD
from headscale-ui.
I need settings for "Nginx Proxy Manager" web UI
how do you secure the login?
Please help
I have a working install
from headscale-ui.
also need settings for "Nginx Proxy Manager" web UI, please
thanks a lot
from headscale-ui.
Sorry for the late reply
Do the usual stuff for a host entry, leave custom locations empty, and then replace <server_ip> and add the below to the advanced section of Nginx Proxy Manager for the host
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_ssl_server_name on;
location /web/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection \"upgrade\";
proxy_redirect http:// https://;
proxy_pass http://<server_ip>:8090/web/;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection \"upgrade\";
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
proxy_redirect http:// https://;
proxy_buffering off;
proxy_intercept_errors on;
proxy_http_version 1.1;
proxy_pass http://<server_ip>:8088/;
}
from headscale-ui.
Do you have a properly working NPM with an SSL CRT you are using with other applications ?
from headscale-ui.
@ithakaa I try your config and I'm getting the error "Client sent an HTTP request to an HTTPS server." but I think It's because in the
location /web/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection \"upgrade\";
proxy_redirect http:// https://;
proxy_pass http://<server_ip>:8090/web/;
the last line should be https. but even when I change it I get a withe screen no errors just when accessing the ui the other part works fine. Any idea what I'm doing wrong?
from headscale-ui.
the last line should be https.
it works for me
are you using a valid ssl crt with NPM ?
from headscale-ui.
Yes, I already have external clients running I just want to try the web-ui. Just to be clear the ports you use there. the location /web/ port is the one I have configured in Headscale-ui and the location / is the port I have configured for Headscale?
from headscale-ui.
I've provided screenshots, might be easier this way, let me know how you go
https://github.com/ithakaa/headscale-ui-npm/blob/main/README.md
from headscale-ui.
Thank you very much. Your installation is with docker?
from headscale-ui.
Your installation is with docker?
yes
from headscale-ui.
This is my compose
version: '3.5'
services:
headscale:
container_name: headscale
image: headscale/headscale:latest
restart: unless-stopped
#ports:
# - 8011:8080
volumes:
- /srv/dev-disk-by-uuid-36ffb5ee-7f60-4aea-bc0c-45c47cfbd3f7/containersdata/headscale/config:/etc/headscale
- /srv/dev-disk-by-uuid-36ffb5ee-7f60-4aea-bc0c-45c47cfbd3f7/containersdata/headscale/data:/var/lib/headscale
command: headscale serve
networks:
nginxproxymanager_default:
headscale-ui:
image: ghcr.io/gurucomputing/headscale-ui:latest
restart: unless-stopped
container_name: headscale-ui
#ports:
# - 8443:443 # Use the port of your choice, but map it to 443 on the container
networks:
nginxproxymanager_default:
networks:
nginxproxymanager_default:
external: true
can you share your compose. that way I will have everything the same. Thanks
from headscale-ui.
version: '3.6'
services:
headscale:
container_name: headscale
image: headscale/headscale:latest
command: headscale serve
restart: unless-stopped
ports:
- '8089:9090'
- '8088:8080'
volumes:
- ./data:/etc/headscale
- ./config:/var/lib/headscale
headscale-ui:
image: ghcr.io/gurucomputing/headscale-ui:latest
restart: unless-stopped
container_name: headscale-ui
ports:
- 8090:80
from headscale-ui.
@ithakaa Thank for all your help. It was right since the beginning the whole problem was the Browser cache.
from headscale-ui.
@ithakaa Hi, so I am using your NPM config and while it generally works fine, the server isn't available through https://:8080/ and just errors with SSL_ERROR_RX_RECORD_TOO_LONG, just removing the 8080 port makes it all work fine.
This is mostly an annoyance since I can technically always remove the port from the register urls, but is annoying, and might be breaking taildrop, but I am not sure yet. (the send to list is entirely empty).
You wouldn't have any ideas on why this is happening?
Some headscale config setting that I shouldn't have changed or something.
from headscale-ui.
the server isn't available through https://:8080/ and just errors with SSL_ERROR_RX_RECORD_TOO_LONG, just removing the 8080 port makes it all work fine.
Are you getting the ssl error when registering nodes or when accessing the headscale ui?
from headscale-ui.
I am getting that error when registering, but accessing the headscale UI I am pretty sure isn't something you should be doing with https://:8080/web, however it errors in the same way.
Using any port not in use of course gives an unable to connect error.
from headscale-ui.
you need to register via http://server_ip:8080
from headscale-ui.
Which is what doesn't work, to register I need to manually remove the port from the URL, otherwise I just get that SSL error.
from headscale-ui.
@mackandelius if the address start with https you cannot use the port 8080. just use your domain. example https://mydomain.com/web
from headscale-ui.
otherwise I just get that SSL error.
Are you using the headscale-ui docker image that includes headscale and headscale-ui?
from headscale-ui.
@appleimperio that is what I am doing, but the app and program both direct you towards a url using the :8080 port, if this is expected behavior then that is clunky and not worth it.
from headscale-ui.
@ithakaa sorry, forgot to mention that I am not, forgot the exact reasons now, but was actually just easier installing headsclae to the server directly, headscale-ui is running in docker.
Which means it might be that docker network I am missing.
from headscale-ui.
headscale-ui is running in docker.
To be absolutely honest, I actually wouldn't even bother with headscale-ui
The headscale cli is super simple
from headscale-ui.
Regardless, doesn't headscale require HTTPS at least partially?
Since lines in the config about setting up letsencrypt?
from headscale-ui.
Regardless, doesn't headscale require HTTPS at least partially? Since lines in the config about setting up letsencrypt?
Sorry I can't be any further assistance, it seems you need to look into headscale a little more deeply before you start posting requests for help
from headscale-ui.
Related Issues (20)
- accessing headscale server on same lan over http (not https) HOT 2
- Feature Request: Show assigned user of machine in the Device View HOT 2
- Trying to deploy the "static site" but failing HOT 2
- nginx proxy location config help HOT 3
- CORS is not working HOT 2
- WebUI Login Security by Authentik or Token HOT 5
- Ionscale support? HOT 2
- I encountered an error when adding the key HOT 4
- 404 on GET https://<domain>/api/v1/machine HOT 2
- Device view fails (tested with headscale docker image 0.23.0) HOT 2
- House Keeping
- Fix developer image pipeline
- Remove Dynamic API check in future version HOT 1
- An error when test server key HOT 1
- New Container start HOT 6
- [Feature Request] Add machines from UI HOT 1
- Swag + Authentik + Headscale-UI HOT 3
- Missing "Bear" Prefix HOT 1
- Headscale dropped docker tag for headscale:latest HOT 1
- Changes in LastSeen / Online fields in the Headscale API
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from headscale-ui.