ixvd/neo
Archived
3
0
Fork 0
Code Issues 4 Pull requests Projects Activity Actions

hopeful proxy fix

Browse source
This commit is contained in:
Didier Slof 2023-02-07 13:14:50 +01:00
parent 996e8fc164
commit b3db38ad76
Signed by: didier
GPG key ID: 01E71F18AA4398E5
2 changed files with 45 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

41
custom/proxy/config/conf.d/proxy-kasm.conf Normal file
View file

@ -0,0 +1,41 @@
server {
server_name kasm.neo.faulty.nl;
access_log /var/log/nginx/access.log vhost;
listen 443 ssl http2 ;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/kasm.neo.faulty.nl.crt;
ssl_certificate_key /etc/nginx/certs/kasm.neo.faulty.nl.key;
ssl_dhparam /etc/nginx/certs/kasm.neo.faulty.nl.dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/certs/kasm.neo.faulty.nl.chain.pem;
location / {
# The following configurations must be configured when proxying to Kasm Workspaces
# WebSocket Support
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Host and X headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Connectivity Options
proxy_http_version 1.1;
proxy_read_timeout 1800s;
proxy_send_timeout 1800s;
proxy_connect_timeout 1800s;
proxy_buffering off;
# Allow large requests to support file uploads to sessions
client_max_body_size 10M;
# Proxy to Kasm Workspaces running locally on 8443 using ssl
proxy_pass https://kasm:8443 ;
}
}

5
docker-compose.utils.yml
View file

@ -165,8 +165,9 @@ services:
container_name: kasm container_name: kasm
privileged: true privileged: true
environment: environment:
- KASM_PORT=4443 - KASM_PORT=8443
- TZ=Europe/London - TZ=Europe/London
- LETSENCRYPT_HOST=kasm.neo.faulty.nl
volumes: volumes:
- /srv/kasm/data:/opt - /srv/kasm/data:/opt
- /srv/kasm/other/profiles:/profiles #optional - /srv/kasm/other/profiles:/profiles #optional
@ -174,8 +175,8 @@ services:
- /run/udev/data:/run/udev/data #optional - /run/udev/data:/run/udev/data #optional
ports: ports:
- 3000:3000 - 3000:3000
- 4443:4443
restart: unless-stopped restart: unless-stopped
proxy:
networks: networks:
metrics: metrics: