Hi, I did not find any information regarding the use of a http reverse
proxy (e. g. nginx) in front of the cockpit http server.
Specifically I want nginx to do all the TLS stuff while it connects to
cockpit via plain http.
I got this to work by changing the "Origin" Http-Header from https to
http. Otherwise cockpit complains about a "bad Origin".
I included the nginx config sample as attachment.
I hope this can help others trying to set this up with nginx and maybe
it can be added to the wiki on github.
Best Regards
r3ddr4gOn
http {
server {
listen 443 ssl;
listen [::]:443 ssl;
#...
location / {
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
# needed for websocket
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# change scheme of "Origin" to http
proxy_set_header Origin http://$host;
proxy_pass http://127.0.0.1:9090;
}
}
_______________________________________________
cockpit-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
