HTTPS

[r-vd-woude]

I'm running this on my own server, and it works great! I'm not that good with JavaScript though, and would like to implement SSL on my own server, how can I due that, I came up with the following code, but how do I implement it.

var express = require('express'); var https = require('https'); var http = require('http'); var fs = require('fs');

// This line is from the Node.js HTTPS documentation. var options = { key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'), cert: fs.readFileSync('test/fixtures/keys/agent2-cert.cert') };

// Create a service (the app object is just a callback). var app = express();

// Create an HTTP service. http.createServer(app).listen(80); // Create an HTTPS service identical to the HTTP service. https.createServer(options, app).listen(443);

(Code by Jacob Marble)

Thanks in advance!

[p0psicles]

You can also install a webserver that acts like a reverse proxy. For example nginx is relative easy to set up.

Adding https to the node server should also not be that hard. You will need to create a certificate. I believe that IFTTT does not allow you to connect to an endpoint using a self-signed certificate, so you will not be able to use something like openssl.

In stead you could go with letsencrypt. But here you will need to have a domain registered. If you've figured out how to get a certificate and pem (private key). Here is some info on it for self-signed. https://stackoverflow.com/questions/12871565/how-to-create-pem-files-for-https-web-server?answertab=votes#tab-top. For letsencrypt you will have to do some digging yourself.

[messiah109501]

I've managed to set up a reverse proxy on nginx using SSL but when I point to GoogleHomeKodi in the config file, I get this error:

{
    "message": "401 - Missing access token",
    "name": "ResponseException",
    "status": 401,
    "statusText": "401 - Missing access token"
}

Any ideas?

[keydon]

Missing access token

doesnt get much clearer than that :d

[messiah109501]

Sorry I'm new to reverse proxies and have been following some guides so far getting this reverse proxy set up in an Ubuntu VM. Can you please elaborate?

This is what I have set up in my nginx config file for the location:

location /kodigh {
                # Send traffic to the backend
                proxy_pass http://127.0.0.1:8099;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-Proto $remote_addr;
                proxy_set_header X-Forwarded-Protocol $scheme;
                proxy_redirect off;
}

From what I've read so far, it's saying it needs some form of authentication. But I can access the site fine without using any credentials which is puzzling me a bit.

[keydon]

Well only the root / doenst need the access token, all 'deeper' endpoints need a token to be present in a HTTP-POST-JSON body. So it should work fine when you try opening the start page in your browser. Does http://127.0.0.1:8090 work? If yes, your nginx config is the issue. We cannot help you with that. Ask in nginx discussion boards on how to properly set up a reverse proxy. But it seems your proxy does go 'too deep'. Maybe it adds /kodigh to the internal url itself like http://localhost:8099/kodigh, which would result in the error you are getting.

[keydon]

Maybe try

location ^~ /kodigh/ {

[messiah109501]

Thanks for the explanation keydon. I can access GHK fine via HTTP on local ip and external DNS with the port 8099 forwarded in my router. Just trying to make things a bit more secure through HTTPS and also wanted to forward some other services so reverse proxy looked like the best option for that.

Just tried your suggestion, still giving me the access token error. I'll keep playing around with it and see how I go. I've managed to forward a few other services through the reverse proxy so far so I'm making progress. Would love to get GHK working through it as well.

[messiah109501]

I've just tried adding it to the standard / location in the config file and that is now loading the GHK webpage fine. So it looks like you were right about it not liking the /kodigh redirection.

[disrupted]

I am also having issues setting up the nginx reverse proxy location for my GoogleHomeKodi instance running in Docker (using host network default port 8099). Basically my config looks very similar to the one @messiah109501 posted and I am receiving the same error about missing access token, can't even reach the index page. Opening the page from through http://<local-ip>:8099 works fine, so nginx is definitely the issue here. Pretty sure the code needs to be updated in order to specify the url base path for nginx ("/kodigh" in this case)

[keydon]

i got myself a nginx instance, googled a little and played around a little, this is now working fine:

location /kodigh/ {
    proxy_pass http://127.0.0.1:8099/;
    proxy_set_header Host $http_host;
    proxy_redirect     off;
}

pay attention to the trailing slashes at both lines location and proxy_pass

[messiah109501]

Just tested Keydon and that is working fine on my end as well. Thanks :)

[disrupted]

thanks @keydon, that worked brilliantly. my mistake was the trailing slash after location /kodigh was missing.

[viciouslancer]

I am using nginx to proxy several servers (sonarr, radarr, qBittorrent, NextCloud, guacamole) I got it to direct to KodiGH using @keydon 's code above but am getting Error 500 when trying to run commands from my browser. KodiGH works when I go directly to my IP:PORT.

[keydon]

@viciouslancer if your endpoint now looks like https://mydomain/KodiGH then you have to adjust the value in "The route you would like to test" accordingly. i.e. /KodiGH/koditestconnection

[viciouslancer]

@viciouslancer if your endpoint now looks like https://mydomain/KodiGH then you have to adjust the value in "The route you would like to test" accordingly. i.e. /KodiGH/koditestconnection

This worked, thanks!!! Now to program into IFTTT... is there an easy way to clone or something?

[keydon]

... is there an easy way to clone [an IFTTT-Applet] or something?

sadly no.