Open Deeptradingfx opened 4 years ago
Hi! I have create a Nginx to proxy this. And I support both Let's Encrypt certificate and login user password with the Nginx docker container. There is nothing more to do with the novnc docker container. You may try doing like me, bro. This is the Nginx config file for you if you do not imagine:
server {
listen 80;
server_name yourdomain.com; # Put your domain here. This block 80 is to redirect automatically to the https url.
location / {
return 301 https://$host$request_uri;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
server {
listen 443 ssl;
server_name yourdomain.com; # Put your domain here.
resolver 127.0.0.11;
set $upstream no_vnc_container_host_name; # Change this line with your novnc host name.
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # This is the path to the fullchain file that Let's Encrypt generated
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # This is the path to the privkey file that Let's Encrypt generated
include /etc/letsencrypt/options-ssl-nginx.conf; # This is generated by Let's Encrypt, too
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # This is generated by Let's Encrypt, too
location / {
# Add these 2 lines to support password.
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/users/yourdomain_com/pw; // This is the path to the password file. The password file (name: pw) is generated with htpasswd
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://$upstream:8080;
}
location /websockify {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://$upstream:8080/websockify;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400;
}
}
In case that you do not want to support Let's Encrypt certificate, or I mean http protocol is enough to you, you can config as follow:
server {
listen 80;
server_name yourdomain.com; # Put your domain here.
resolver 127.0.0.11;
set $upstream no_vnc_container_host_name; # Change this line with your novnc host name.
location / {
# Add these 2 lines to support password.
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/users/yourdomain_com/pw; // This is the path to the password file. The password file (name: pw) is generated with htpasswd
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://$upstream:8080;
}
location /websockify {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://$upstream:8080/websockify;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400;
}
}
i been trying to set password for webgui of novnc theres any one knows how to do it?