search

eduardogsilva / routerfleet

RouterFleet: An open-source solution for centralized router and network equipment management. Initially focused on Mikrotik devices, it offers simplified backups, updates, and security. Perfect for managing a fleet of devices efficiently. Join us in evolving RouterFleet's capabilities
MIT License
65 stars 3 forks source link

web interface error #6

Closed mikrotickets closed 4 months ago

mikrotickets commented 4 months ago

SERVER_ADDRESS=51.222.14.140:8012 POSTGRES_PASSWORD=ropassword TIMEZONE=America/Mazatlan docker compose up --build -d

Screenshot_17

eduardogsilva commented 4 months ago

Hello @mikrotickets I noticed 2 details here: 1- SERVER_ADDRESS should contain the name that you will be accessing the server. In your case, it should be routerfleet.zerolan.network. Do not declare a port here, it will not work as you expect and probably will break django.

2- Looks like you are using a proxy in front of routerfleet. Your proxy is serving https:// and you are querying the routerfleet nginx over http. Your proxy should point to the https address. Yesterday I noticed that my redirect from http to https was being overwritten by the default nginx virtual host (the page you are seeing)

With this adjustments, it should work fine ;)

hellofaduck commented 4 months ago

I am experiencing the same issue. I am running Routerfleet on a non-default port, specifically port 3443, and without modifying the Django configuration files, I am encountering CSRF errors when using the IP in SERVER_ADDRESS. When I use the IP and port, I receive a 'Bad Request' error. Perhaps we should consider adding an option to build a Docker image that allows the CSRF option to be set to 0.0.0.0/0. I only use Routerfleet within my LAN, so there is no attack surface here. While I could expose Routerfleet to the internet and assign a domain to it, I do not want to expose such a sensitive service.

eduardogsilva commented 4 months ago

Disabling the CSRF protection is not recommended due to security concerns. even if the routerfleet installation is not exposed directly to the internet. routerfleet deals with important information, such as multiple router address and passwords. I don't believe in lowering security settings for this case.

I didn't tested running the project in a different port to check if declaring SERVER_ADDRESS=hostname:port will work or not.

To change the port, you need to change the nginx entry on the docker-compose file.

The SERVER_ADDRESS variable needs to have the name that is displayed in your browser unless you have a reverse proxy with extra settings.

If you configure the SERVER_ADDRESS properly, you will not have issues with csrf.

hellofaduck commented 4 months ago

@mikrotickets i'am facing same issue, so i fix this problem by editing entrypoint.sh inside container "routerfleet". Just add port to end of this string and restart container, unfortunately this step is necessary after each update of container :( but it works :) image

eduardogsilva commented 4 months ago

Hello there, I fixed this issue in the last build.

Just configure your .env file with the port declared in SERVER_ADDRESS line. example: SERVER_ADDRESS=example.com:8443

You will also need to change the port mapping in docker-compose.yml file.

Thanks for pointing this out.