Open shawnweeks opened 4 years ago
After looking at this more it seems like something might be broken with how Cockpit handles UrlRoot because after setting it like above when I try to access https://cloudctl.dev.example.com:9090/cockpit/ at the login css is broken as well.
I think the problem is that cockpit has for some reason reserved the /cockpit/
url prefix as something special. It's not clear to me why. See the documentation under UrlRoot. Ignoring this seems to break the UI.
I was able to login if I used a different UrlRoot
however the websockets connection still failed.
After poking around a little with haproxy, I've got what seems to be a fully working setup:
/etc/cockpit/cockpit.conf
[Webservice]
;Use https and wss if using haproxy with SSL
Origins = http://hostname ws://hostname
ProtocolHeader = X-Forwarded-Proto
AllowUnencrypted = true
UrlRoot=/admin/
/etc/haproxy/servers.cfg
frontend public
bind *:80
default_backend other_backend
acl is_websocket path_beg /admin/cockpit/socket
acl is_websocket hdr(Upgrade) -i WebSocket
acl is_websocket hdr_beg(Host) -i ws
use_backend cockpit_websocket if is_websocket
use_backend cockpit if { path_beg /admin/ }
backend cockpit_websocket
option http-server-close
option forceclose
option redispatch
option forwardfor
server cockpit-ws1 127.0.0.1:9090
backend cockpit
option forwardfor
server cockpit1 127.0.0.1:9090
I haven't looked much at if this configuration can be reduced more.
Edit: One small issue is that links on the web interface don't provide the correct relative URL in all cases.
I think the problem is that cockpit has for some reason reserved the
/cockpit/
url prefix as something special. It's not clear to me why. See the documentation under UrlRoot. Ignoring this seems to break the UI.
Hmm, didn't we fix this in https://github.com/cockpit-project/cockpit/issues/10073?
@mvollmer When I tried, it did not work. Also, when running under a non-standard rootUrl, it does not get prepended to urls on the page. While the normal DOM hotswapping of the active tab works, if you middle click a tab, the opened tab is missing the urlRoot. Been meaning to document this more explicitly and make a new issue...
It would be great if we had an HAProxy Example to go along with the Apache and Nginx Examples. I've spent several hours trying to get a working example going and haven't managed to translate the other examples over to something fully working.
Here is my configuration so far.
With this example I can access the login page at https://cloudctl.dev.example.com/cockpit and most things work. Once I logout I'm redirected to the login page and the styles aren't loaded.