search

bastienwirtz / homer

A very simple static homepage for your server.
https://homer-demo.netlify.app/
Apache License 2.0
9.34k stars 786 forks source link

Portainer type not working #395

Closed jnaav closed 2 years ago

jnaav commented 2 years ago

I am trying custom services and Portainer is not working for me (pi-hole, sonarr/radarr are working fine).

I access homer with http://server-ip:port like other services.

When loading the dashboard, I can see in the console log that portainer calls are failing:

OPTIONS http://server-ip:9000/api/endpoints -> CORS Missing Allow Origin GET http://server-ip:9000/api/endpoints -> NS_ERROR_DOM_BAD_URI

The token is right and is sending in the headers.

I tried the same with postman and it works fine. Maybe some other header is needed?

Roundaround commented 2 years ago

As you can see in the response from the initial OPTIONS request, this is a problem with CORS. Unfortunately the nature of a front-end-only dashboard means that you need to take some extra steps to circumvent CORS policies.

See https://github.com/bastienwirtz/homer/blob/main/docs/troubleshooting.md

Personally I wrote myself a very simple proxy API that I host on the same machine to do this, similar to the ones mentioned in the docs.

SHU-red commented 2 years ago

Hi and thanks for the troubleshooting documentation. I would love to have the api-informations of portainer on the homer dashboard.

As documented in the troubleshoot area, i created a cors-container and i am able to access portainer via

      - name: "Portainer"
        logo: "assets/tools/portainer.svg"
        subtitle: "on TrueNAS SCALE" 
        tag: "Jarvis"
        url: "http://SERVERFOREVERYTHING:3500/http://SERVERFOREVERYTHING:9000/"
        type: "Portainer"
        apikey: "ptr_SUPERSAFETOKEN="

I still get in the debug console of my browser:

SERVERFOREVERYTHING/:1 Access to fetch at 'http://SERVERFOREVERYTHING:3500/http://SERVERFOREVERYTHING:9000/api/endpoints' from origin 'http://SERVERFOREVERYTHING:8081' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Is there something im doing wrong?

SHU-red commented 2 years ago

And one additional question: Would it maybe be useful if two urls could be set in the homer-config-file? One for the api-path and one for the link itsself? This way such fancy stuff could be "divided" from the basic intend to directly open a certain link

SHU-red commented 2 years ago

In the cors-container repository it is written:

This is not enabled by default as this option mutates the original response body.

Set `rewrite-urls` in the request header to cors-cotainer if you want relative URLs rewriting.

I think this is something which should then be included in the homer-request-header right?