search

cockpit-project / cockpit

Cockpit is a web-based graphical interface for servers.
http://www.cockpit-project.org/
GNU Lesser General Public License v2.1
11.21k stars 1.11k forks source link

Cockpit shows "Not found" when using CloudFlare "Proxied" DNS setup #20979

Closed ashwalk33r closed 1 month ago

ashwalk33r commented 1 month ago

Explain what happens

I use CloudFlare as my DNS zone with "Proxied" setup (opposite to "Just DNS") NVIDIA_Share_YnANZHdBpI It hides all requests to server so IP is hidden and points to it with DNS A record. I use Reverse Proxy on my server https://cockpit-project.org/external/wiki/Proxying-Cockpit-over-NGINX Cockpit works but shows "Not Found" message: image When I disable CloudFlare DNS zone with "Proxied" setup and set it to "Just DNS" it works fine: image

I want to use CloudFlare Proxied setup to hide my Reverse Proxy server IP.

Version of Cockpit

ubuntu as if 2024-09-95 in apt install -t ${VERSION_CODENAME}-backports cockpit

Where is the problem in Cockpit?

Unknown or not applicable

Server operating system

Ubuntu

Server operating system version

24

What browsers are you using?

Chrome

System log

looks fine, wont paste, it contains my user logins
journalctl --since -10m
jelly commented 1 month ago

Is there anything in the browser console? And anything interesting in the headers of the request for the overview page?

ashwalk33r commented 1 month ago

@jelly image

Request URL: https://subdomain.example.com/system
Request Method: GET
Status Code: 200 OK
Remote Address: 104.26.4.29:443
Referrer Policy: no-referrer

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8be5b16c5f526643-AMS
content-encoding: br
content-security-policy: default-src 'self'; connect-src wss://subdomain.example.com 'self'; form-action 'self'; base-uri 'self'; object-src 'none'; font-src 'self' data:; img-src 'self' data:; block-all-mixed-content
content-type: text/html
cross-origin-resource-policy: same-origin
date: Thu, 05 Sep 2024 10:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJCSuFrjsi9ZurU%2B3wzzhHJB%2BZZTKelr4dsRyFQEq0iA%2FVoNIbUYPF8Tz9kYoxM8mULviJUDfzqBDhXj9VTznAqk4x%2FpJDWYtCpwhXIms8HatYNIK9IPLBzrsJWPkIbr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: sameorigin
Request URL: https://csubdomain.example.com/cockpit/@localhost/system/services.html
Request Method: GET
Status Code: 301 Moved Permanently
Remote Address: 104.26.4.29:443
Referrer Policy: no-referrer
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8be5b1712cec6643-AMS
content-length: 167
content-type: text/html
date: Thu, 05 Sep 2024 10:56:30 GMT
expires: Thu, 05 Sep 2024 11:56:30 GMT
location: /cockpit/@localhost/system/services
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWDJBMTyWLfsYunjq526ph%2Bq%2FwC%2F0Z5Evw9wKAdoDTpw6pqjYDNX%2B%2Fn2inCqIW8%2Fs2UoZRf44IMF67gIxFv27z2mh%2BSSVpNcea8sWbo5ZG9ODcRRnQEVjPm47rvWR8y9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
Request URL: https://subdomain.example.com/cockpit/@localhost/system/services
Request Method: GET
Status Code: 404 Not Found
Remote Address: 104.26.4.29:443
Referrer Policy: no-referrer
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8be5b1716d456643-AMS
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-origin
date: Thu, 05 Sep 2024 10:56:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryGrKsfOfuvk5BXKTTSPJmscHVW3vNBqg6tYTi6gQ9Qn7lv%2FHyaVLnVzPubemZUkjEqmdMbfiVgjtdFhI3dJHbWZjxl0Rchs%2BT27C4U4fpFz2p3AH25JzwCgsS3YGmAU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: sameorigin
Request URL: https://subdomain.example.com/cockpit/@localhost/updates/index
Request Method: GET
Status Code: 404 Not Found
Remote Address: 172.67.72.124:443
Referrer Policy: no-referrer
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8be5b951bec4bbc4-WAW
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-origin
date: Thu, 05 Sep 2024 11:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Olb9bSllPURjF%2B5eZu5j8BZxCNYb2xOFcnEpY3m2%2FfjSet9cVgWBSbF%2BmEKnPvikwgXojM3N%2BwuWamaCz5OymEgzGLdeWB%2F6%2Bi48byN8Phk0TYh40We4Tda50iuD0W%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: sameorigin

above responds with

<!DOCTYPE html>
<html>
<head>
    <title>Not found</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <style>
    body {
            margin: 0;
            font-family: "RedHatDisplay", "Open Sans", Helvetica, Arial, sans-serif;
            font-size: 12px;
            line-height: 1.66666667;
            color: #333333;
            background-color: #f5f5f5;
        }
        img {
            border: 0;
            vertical-align: middle;
        }
        h1 {
            font-weight: 300;
        }
        p {
            margin: 0 0 10px;
        }
        @font-face {
            font-family: 'RedHatDisplay';
            font-style: normal;
            font-weight: 300;
            src: url('/cockpit/static/fonts/RedHatDisplay-Medium.woff2') format('woff2');
        }
        .blank-slate-pf {
            text-align: center;
            padding: 90px 120px;
        }
    </style>
</head>
<body>
    <div class="blank-slate-pf">
        <img src="data:image/png;base64,svg redacted>
        <h1>Not found</h1>
    </div>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"rayId":"8be5b951bec4bbc4","serverTiming":{"name":{"cfL4":true}},"version":"2024.8.0","token":"eba41f5a07b7418a9f229a7e7078a768"}' crossorigin="anonymous"></script>
</body>
</html>
ashwalk33r commented 1 month ago

Fixed! The problem was on my side on the DNS provider - CloudFlare. I had too broad rule for whole domain, my subdomain with control got affected by mistake. It was rewriting .html pages 301 into without html. Turning it off fixed the issue. Thanks for having

x

me!