search

aerokube / selenoid-ui

Graphical user interface for Selenoid project
https://aerokube.com/selenoid-ui/latest/
Apache License 2.0
305 stars 76 forks source link

SSE Unknown over NGINX and TLS #442

Closed fniko closed 3 years ago

fniko commented 3 years ago

Hello, I like Selenoid and Selenoid-ui, so I wanted to use it behind domain name and with HTTPS (TLS) support. I am able to see dashboard and run tests, however SSE status is Unknown so no new tests are displayed without page refresh.

Is there any guide or fix of this issue?

Configuration below: We orchestrate docker containers with selenoid and selenoid-ui over docker-compose docker-compose.yml

version: '3'
networks:
  selenoid_network:
    name: selenoid_network
    driver: bridge
services:
  selenoid:
    image: "aerokube/selenoid:latest-release"
    networks:
      - selenoid_network
    container_name: selenoid
    ports:
      - "4445:4444"
    volumes:
      - "./config:/etc/selenoid"
      - "/var/run/docker.sock:/var/run/docker.sock"
    command: [ "-conf","/etc/selenoid/browsers.json","-container-network", "selenoid_network" ]
  selenoid-ui:
    image: "aerokube/selenoid-ui:latest-release"
    networks:
      - selenoid_network
    container_name: selenoid-ui
    ports:
      - "8080:8080"
    command: [ "--selenoid-uri","http://selenoid:4444" ]

Nginx configuration Please note, we wanted to access Selenoid over regular port 4444, so thats why it's locally mapped to 4445 and "forwarded" un the nginx config.

add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

upstream websocket-servers {
    server 127.0.01:8080;
}

# Selenoid UI over HTTPS
server {
    listen 443;
    server_name example.com;

    ssl on;
    ssl_certificate         /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;

    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 5m;
    ssl_stapling on;
    ssl_stapling_verify on;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "ECDHE...

    ssl_dhparam /etc/nginx/dhparams.pem;
    ssl_prefer_server_ciphers on;

    root /var/www/example.com;
    index index.html index.htm;

    location / {
        proxy_pass http://127.0.0.1:8080;

        proxy_http_version 1.1;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;

        proxy_connect_timeout 600;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
    }
}

# Selenoid over HTTPS
server {
    listen 4444;
    server_name example.com;

    ssl on;
    ssl_certificate         /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;

    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 5m;
    ssl_stapling on;
    ssl_stapling_verify on;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "ECDHE...

    ssl_dhparam /etc/nginx/dhparams.pem;
    ssl_prefer_server_ciphers on;

    root /var/www/example.com;
    index index.html index.htm;

    location / {
        proxy_pass http://127.0.0.1:4445;
    }
}

EDIT: No erros in browsers Console nor Network tab - tested in Chrome / Firefox / Safari. EDIT2: During refresh I have discovered error - it is shown only for few miliseconds during page refresh. I am investigating this error now. image

EDIT3: Okay, I definitely think the issue is in /events. This URL is not available through NGINX, however from host VM, I am receiving updates after calling curl 127.0.0.1:8080/events.

EDIT4: After some time (like 3 - 5 minutes), SSE turned green until refresh. I belive it's connected to the following request: image image image

vania-pooh commented 3 years ago

@fniko couldn't the following settings help you? https://stackoverflow.com/questions/13672743/eventsource-server-sent-events-through-nginx

fniko commented 3 years ago

@vania-pooh Hello! Thanks for quick response. I have updated location configuration to include suggested options and it works! Thanks and closing! :)

    location / {
        proxy_pass http://127.0.0.1:8080;

        proxy_http_version 1.1;

        proxy_set_header Connection '';
        chunked_transfer_encoding off;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;

        proxy_buffering off;
        proxy_cache off;

        proxy_connect_timeout 600;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
    }
fniko commented 3 years ago

I just discovered that VNC and LOGS stopped working. Gonna reopen this issue until fixed.

vania-pooh commented 3 years ago

@fniko the issue is here:

proxy_set_header Connection '';

Should be:

proxy_set_header Connection "upgrade";
fniko commented 3 years ago

You are right! Fixed the issue :) Thanks and closing again.