jjethwa / rundeck

GNU General Public License v3.0
122 stars 137 forks source link

Problem with SERVER_URL #24

Closed ernestm closed 8 years ago

ernestm commented 8 years ago

Am trying to run this on Amazon ECS and front it with an ELB. So what I'm doing is going https to the ELB, and then just mapping in http to port 4440 on rundeck. I set SERVER_URL to the proper "end user" url, https://mydnsname. I get the login screen, but when I submit the login, it breaks while trying to ajax-redirect me in.

If I go "under the covers" to another rundeck URL like user/home it appears that I'm logged in correctly, and all the other links in the page are well-formed and working, just not the login redirection. I've experimented with the SERVER_URL in every way (port 4440, 80, 443! http vs https! trailing slash!) but all to no avail. Thoughts?

jjethwa commented 8 years ago

Hi @ernestm

Just to confirm you are terminating SSL at the ELB and using http from the ELB to your Rundeck instance, correct?

Can you confirm these configs:

dataSource.url in /etc/rundeck/rundeck-config.properties and framework.server.url and framework.server.port in /etc/rundeck/framework.properties

Thanks :)

ernestm commented 8 years ago

Correct, terminating SSL at the ELB and going HTTP from there.

rundeck-config.properties: grails.serverURL=https://dev-usm-saas-rundeck.aveng.us dataSource.url = jdbc:mysql://localhost/rundeckdb?autoReconnect=true

rundeck-framework.properties: framework.server.name = dev-usm-saas-rundeck.aveng.us framework.server.hostname = dev-usm-saas-rundeck.aveng.us framework.server.port = 443 framework.server.url = https://dev-usm-saas-rundeck.aveng.us

Something about the ajax redirect isn't looking at the protocol sent in, I think, but maybe assuming from it being set in non-SSL mode?

In the rundeck.audit.log, the auth works fine, there's no errors in any of the logs really, the hit isn't getting to the server.

Oh wait... Lee found http://rundeck.org/docs/administration/configuring-ssl.html#using-an-ssl-terminated-proxy. Ha ha! OK, including RDECK_JVM="-Drundeck.jetty.connector.forwarded=true" got it working. Sorry for the fire drill!

jjethwa commented 8 years ago

NP! Glad you were able to sort it out and thanks for pointing out what needed to be done to get it working :)