Closed innovara closed 2 weeks ago
If you have deployed it, just access http://yourserver:8080, /admin is the web-ui api, don't access /admin!
I am a bit confused with your response. Your advice is the opposite to the purpose of a reverse proxy and not fit for a production environment. Are you saying that you expect people to expose the entire API port to the world with no encryption whatsoever? The reverse proxy, in this case nginx, should receive the traffic from the client over TLS on port 443, and only pass requests to /api
and /admin
to the container or service running on port 8080.
Also, what is all the proxy configuration advice about then? I mean, you are advising to proxy_pass /admin
but then now you are not supposed to use it? As I said, super confused.
First of all, this is a front-end and back-end separation of the project, the front-end needs to be deployed separately, and the interface needed by the front-end is /admin. Secondly, the purpose of the reverse proxy is to not expose the program itself listening port, and secondly, it can also provide traffic encryption. Finally, you can refer to the example in the documentation for the configuration file.
Special note: /api is for rustdesk client, /admin is for web-ui.
If you're using a docker deployment, then your nginx just needs to reverse proxy http://127.0.0.1:8080/ and that's it!
You no longer need to proxy /api and /admin.
First and foremost, thank you for your time and efforts. I am here to learn about your project but also to help you to develop it with feedback so please bear with me.
It makes less (production) sense to me as you add more coments but never mind. You DO want to proxy pass /api
and /admin
and nothing else. If you proxy pass all the traffic comming to nginx
for that server, you are effectively exposing the listening port of the program itself and anyone can send any arbitrary string to your program because nginx
will simply forward it.
The thing is that /api
works perfectly with the proxy configuration. However, soybean-admin
doesn't under /admin
which is what I would expect. Even more so after seeing .env.prod. But somehow that's not happening. So you've got the back-end working under /api
, as expected, and the front-end not working under /admin
, as I would expect. Something is not set up correctly in the configuration of the front-end or the building of the image IMHO.
If you're using a docker deployment. Then nginx configs :
server {
server_name rustdesk.example.com;
listen 443 ssl;
listen [::]:443 ssl;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
location /
{
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host 127.0.0.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_http_version 1.1;
# proxy_hide_header Upgrade;
add_header X-Cache $upstream_cache_status;
}
#PROXY-END
}
Thank you, but I already knew that configuration would work. It's on my first post.
In the end, I reviewed the code and I figured out what needs changing for the front-end to be served under /admin
, as I think it should be. It's a combination of using pnpm build --outDir dist/admin
in the right places and VITE_BASE_URL=/admin
. You can see the changes here: https://github.com/innovara/rustdesk-api-server-pro/commit/0535ef47cc860c4568f230cbf96bf94ef8ed6ad7#diff-bb53f101c061e0643cf840a86a20f6219980ad9fe7fdb054f4600db0589da512R1
Docker image if you want to test it: ghcr.io/innovara/rustdesk-api-server-pro:latest
With those changes you can have nginx to proxy pass /api
which was already working and /admin
, and nothing else, which is what your own documentation states but the application doesn't currently deliver.
Thank you
Maybe related to https://github.com/lantongxue/rustdesk-api-server-pro/issues/4
I was testing
rustdesk-api-server-pro
with a more advanced configuration but, since I am struggling with a basic issue, I've literally gone back to the most basic of them, following the instructions as liteally as possible, and the location/admin
always returns404
even without any proxy intervention.server.yaml
container
nginx configuration for the server
Container log when I try to connect to
rustdesk.example.com/admin
on a computer (the result on the client is404
)Container log when I try to connect to
rustdesk.example.com/admin
with an iPhone over cellular data (page is blank):Moreover, from the server hosting the container:
And the same command executed on the container:
However, if you use
wget
withhttp://0.0.0.0:8080
either on the host or the container, theindex.html
file that you get is what you would expect:So it basically seems that
soybean-admin
or any of its components, I don't know enough about that to say, is not correctly set up to serve under /admin.To confirm my suspicion, I set up nginx to proxy _pass / entirely, and the admin log in page loads under
http://rustdesk.example.com
(gets redirected tohttps://rustdesk.example.com/#/login
)