How to use HTTPS with rd-usb

[Bluscream]

I want to host the webinterface on my internal website but everything seems to be unhappy to serve this http website through https

[kolinger]

Hello, can you please provide more detail what issue are you experiencing and what setup you have?

You are using some webserver (like nginx) as reverse proxy to provide HTTPS for rd-usb? There is no option for HTTPS in rd-usb but reverse proxy with some webserver should work.

[kolinger]

I see reverse proxy with HTTPS has issues with socket communication - rd-usb does show up but buttons don't work. These issues should be fixed in 1.15.1 - available here.

I tested 1.15.1 with following nginx configuration and HTTPS works fine:

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate /your/certificate.crt;
    ssl_certificate_key /your/certificate.key;

    server_name rd-usb;

    location / {
        proxy_pass http://127.0.0.1:5000;
    }
}

This is easiest way to provide HTTPS for rd-usb.

Let me know if 1.15.1 solves your issue or you are seeing something else.

[Bluscream]

Oh lol nice. Yeah i had this issue aswell. Ill give more detailed infos later

Quick rundown:

Apache2 Raspi 4 (4gb) x64

Also i want rd-usb served from a path instead of a subdomain

[kolinger]

I'm not familiar with Apache so I can't help you directly. With nginx it works with configuration like this:

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate /your/certificate.crt;
    ssl_certificate_key /your/certificate.key;

    server_name domain.tld;

    # your other things

    location /rd-usb {
        proxy_pass http://127.0.0.1:5000;
    }
}

Here you need extra step - you need to specify what path/prefix you are using with --prefix parameter. In this example /rd-usb needs to be specified as --prefix /rd-usb something like python app.py --prefix /rd-usb (--prefix was added in 1.16.0).

Apache2 configuration should be similar - nothing special is required just basic HTTPS reverse proxy.

[Bluscream]

Thanks that worked. 👍🏻

Although i got a different (maybe related) problem now:

Offtopic

``` 2022-03-29 14:12:11 - operation failed, retrying Traceback (most recent call last): File "/srv/usbmeter/rd-usb/webapp/backend.py", line 293, in retry self.interface.connect() File "/srv/usbmeter/rd-usb/interfaces/wrapper.py", line 33, in connect self.get_result(60) File "/srv/usbmeter/rd-usb/interfaces/wrapper.py", line 64, in get_result raise ErrorException(result) interfaces.wrapper.ErrorException: Traceback (most recent call last): File "/home/blu/.local/lib/python3.9/site-packages/serial/serialposix.py", line 322, in open self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK) FileNotFoundError: [Errno 2] No such file or directory: '' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/srv/usbmeter/rd-usb/interfaces/wrapper.py", line 101, in call result = callback() File "/srv/usbmeter/rd-usb/interfaces/um.py", line 35, in connect self.serial = serial.Serial(port=self.port, baudrate=9600, timeout=self.timeout, write_timeout=0) File "/home/blu/.local/lib/python3.9/site-packages/serial/serialutil.py", line 244, in __init__ self.open() File "/home/blu/.local/lib/python3.9/site-packages/serial/serialposix.py", line 325, in open raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg)) serial.serialutil.SerialException: [Errno 2] could not open port : [Errno 2] No such file or directory: '' ``` (Yes, i did bind it): ``` blu@minopia:/srv/usbmeter/rd-usb $ sudo rfcomm bind 0 00:16:A6:00:1C:E3 Can't create device: Address already in use ```

[kolinger]

This is issue with connection - unrelated to apache/proxy, apache/proxy seems to work fine if you get such error. Do you have selected serial port? Seems like yours is empty. It should be something like /dev/rfcomm0:

[Bluscream]

Another thing about the proxy thing. when using --prefix it seems like all "redirect to home"s are still redirecting to the root url :o

[Bluscream]

Offtopic

After setting the port (Sorry, didn't see the field for it :D) i get a permission error: `PermissionError: [Errno 13] Permission denied: '/dev/rfcomm0'` do i need to run python as root? (Would rather not do that on a semi-public website) Already should've given myself perms according to [this](https://unix.stackexchange.com/a/627663): ``` blu@minopia:~ $ sudo ls -al /dev/rf* crw-rw---- 1 root dialout 216, 0 Mar 29 08:20 /dev/rfcomm0 crw-rw-r--+ 1 root netdev 10, 242 Feb 8 05:16 /dev/rfkill blu@minopia:~ $ sudo usermod -a -G dialout blu blu@minopia:~ $ ```

[Bluscream]

Got the permission stuff working by chown'ing the port. Sorry for mixing up issues.

To continue the prefix stuff:

• something caused https://domain/graph?session= when clicking disconnect
• Deleting a session also causes a redirect to https://domain/data

---

Also thanks for your quick help and sorry for being such an annoying prick :)

Could you drop me your paypal so can send a fiver over for your work?

[kolinger]

Redirects fixed in 1.16.1. Hopefully that's all of them.

Correct - root is bad idea indeed just add your user to dialout group. I tried usermod -aG dialout www-data and rd-usb did connect to rfcomm fine running as user www-data. Identical to what you did. I have regular Debian not RaspberryPI but Raspbian is also Debian so not sure why it doesn't work for you. If you need to chown then remember it will disappear on reboot - you need run rfcomm bind ... and chown after every boot.

BTW: Keep in mind you should never explose rd-usb on untrusted network or to untrusted users. HTTP basic auth trough your web server is good idea.

I don't see this as annoying. You found reasonable shortcoming that should be addressed and questions from users reflect bad state of documentation! Paypal: tomas@kolinger.name.

[Bluscream]

Closing this as it is mostly resolved. You'll get the money once my paypal balance is postive again :joy: