Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0

Config for caddy v2, RDP not working #5227

Open huuub opened 1 year ago

huuub commented 1 year ago

I am using a vm machine created on proxmox 8 bare metal using https://tteck.github.io/Proxmox/. So it has its own IP address. Locally it works. I got it to work on Caddy V2 by adding these 2 parameters in the config: TLSoffload and Cert and putting my domain there. (no need for the relay ports since it is using its own IP) However the RDP possibilities are greyed out then. I also tried using the cloudflare tunnel and see the same behaviour.

caddy config:

meshcentral.mydomain.com {
        tls cloudflareemail {
                dns cloudflare cloudflarekey
        }
        reverse_proxy 192.168.1.x:443
}

Is there anything I still need to get RDP working?

si458 commented 1 year ago

I believe you might need to enable the Web rdp in your config.json

Check the scheme.json file for all the options.

huuub commented 1 year ago

Ok... I solved it. For those interested and using caddy, this is for caddy:

meshcentral.mydomain.com {
        tls cloudflareemail {
                dns cloudflare cloudflarekey
        }
        reverse_proxy 192.168.1.x:443
}

This is for the config for meshcentral assuming meshcentral has its own IP, so port 80 and 443 are only used by meshcentral on that IP:

{
  "settings": {
    "cert": "meshcentral.yourdomain.com",
    "Tlsoffload": "ip of caddy"
  },
  "domains": {
    "": {
      "certurl": "https://meshcentral.yourdomain.com"
    }
  }
}

That's all...
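A consistency check for the settings this thread relies on, as an added example that is not part of the original comments or of MeshCentral itself: it confirms that `TLSOffload` names the proxy's address and that `certUrl` points at the same host as `cert`. The function names, the IPv4-only check, the default-domain key `""` and the sample address 192.0.2.10 are assumptions.

```javascript
// Added example, not MeshCentral code. Keys are matched case-insensitively
// because the thread spells them both "Tlsoffload"/"certurl" and
// "TLSOffload"/"certUrl".
function lowerKeys(obj) {
  const out = {};
  for (const [k, v] of Object.entries(obj || {})) out[k.toLowerCase()] = v;
  return out;
}

// Assumption: the proxy is addressed by a single IPv4 literal, as in the thread.
function isIPv4(s) {
  const parts = String(s).trim().split('.');
  return parts.length === 4 &&
    parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255);
}

// Returns a list of findings; an empty list means the settings agree.
function checkProxyConfig(config, proxyIp) {
  const findings = [];
  const settings = lowerKeys(config.settings);
  // Assumption: the default domain is stored under the empty-string key.
  const domain = lowerKeys((config.domains || {})['']);

  if (typeof settings.cert !== 'string' || settings.cert === '') {
    findings.push('settings.cert is not set to the public host name');
  }
  const offload = settings.tlsoffload;
  if (typeof offload !== 'string' || !isIPv4(offload)) {
    findings.push('TLSOffload is not an IPv4 address string');
  } else if (offload.trim() !== proxyIp) {
    findings.push('TLSOffload ' + offload + ' does not match the proxy ' + proxyIp);
  }
  let url = null;
  try { url = new URL(domain.certurl); } catch (e) { /* reported below */ }
  if (!url || url.protocol !== 'https:') {
    findings.push('certUrl is not an https:// URL');
  } else if (url.hostname !== String(settings.cert).toLowerCase()) {
    findings.push('certUrl host ' + url.hostname + ' differs from cert ' + settings.cert);
  }
  return findings;
}

// Constructed sample input modelled on the configuration posted above.
const sample = {
  settings: { cert: 'meshcentral.yourdomain.com', Tlsoffload: '192.0.2.10' },
  domains: { '': { certurl: 'https://meshcentral.yourdomain.com' } }
};
console.log(checkProxyConfig(sample, '192.0.2.10'));
```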

SemoTech commented 2 weeks ago

Hey @huuub, glad you fixed yours.

I have the same issue and cannot get MeshCentral to load with this Caddy configuration. Here is my setup:

MeshCentral Config (stripped of non-relevant entries):

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "__comment__": "172.22.0.5 is the Caddy container IP",
  "settings": {
    "plugins":{"enabled": true},
    "cert": "mesh.example.com",
    "port": 443,
    "RedirPort": 80,
    "TLSOffload": "172.22.0.5"
  },
  "domains": {
    "": {
      "Title": "Example MeshCentral",
      "certUrl": "https://mesh.example.com"
    }
  }
}

Caddyfile config for MeshCentral:

mesh.example.com {
        reverse_proxy https://meshcentral
}

Mesh Central Logs show no errors:

MeshCentral HTTP redirection server running on port 80.
MeshCentral v1.1.24, Hybrid (LAN + WAN) mode, Production mode.
MeshCentral Intel(R) AMT server running on mesh.example.com:4433.
Loaded web certificate from "https://mesh.example.com", host: "mesh.example.com"
  SHA384 cert hash: 9001e831ffe6a0806607c987f3429129094ac087e04e1f86778955242648d7d7059bd5a4f223857689132203fa24b67d
MeshCentral HTTP server running on port 443.

Caddy logs also show no errors, yet the browser just displays a blank page with no MeshCentral login or any other content, though the URL reads https://mesh.example.com and the SSL certificate is a valid Let's Encrypt instance for this FQDN.

Any ideas how to properly fix?