search

solarkennedy / wine-x11-novnc-docker

Base Docker image to run wine programs in a web browser via noVNC (html5 vnc viewer) + Xvfb + x11vnc
Apache License 2.0
273 stars 103 forks source link

setting password to novnc #12

Open Deeptradingfx opened 4 years ago

Deeptradingfx commented 4 years ago

i been trying to set password for webgui of novnc theres any one knows how to do it?

Green468 commented 1 year ago

Hi! I have create a Nginx to proxy this. And I support both Let's Encrypt certificate and login user password with the Nginx docker container. There is nothing more to do with the novnc docker container. You may try doing like me, bro. This is the Nginx config file for you if you do not imagine:

server {
    listen 80;
    server_name yourdomain.com; # Put your domain here. This block 80 is to redirect automatically to the https url.

    location / {
        return 301 https://$host$request_uri;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}

server {
    listen 443 ssl;
    server_name yourdomain.com; # Put your domain here.
    resolver 127.0.0.11;
    set $upstream no_vnc_container_host_name; # Change this line with your novnc host name.

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # This is the path to the fullchain file that Let's Encrypt generated
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # This is the path to the privkey file that Let's Encrypt generated

    include /etc/letsencrypt/options-ssl-nginx.conf; # This is generated by Let's Encrypt, too
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # This is generated by Let's Encrypt, too

    location / {
       # Add these 2 lines to support password.
       auth_basic "Restricted Content";
       auth_basic_user_file /etc/nginx/users/yourdomain_com/pw; // This is the path to the password file. The password file (name: pw) is generated with htpasswd

       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://$upstream:8080;
    }

    location /websockify {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://$upstream:8080/websockify;
       proxy_http_version 1.1;
       proxy_buffering off;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_read_timeout 86400;
    }
}
Green468 commented 1 year ago

In case that you do not want to support Let's Encrypt certificate, or I mean http protocol is enough to you, you can config as follow:

server {
    listen 80;
    server_name yourdomain.com; # Put your domain here.
    resolver 127.0.0.11;
    set $upstream no_vnc_container_host_name; # Change this line with your novnc host name.

    location / {
       # Add these 2 lines to support password.
       auth_basic "Restricted Content";
       auth_basic_user_file /etc/nginx/users/yourdomain_com/pw; // This is the path to the password file. The password file (name: pw) is generated with htpasswd

       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://$upstream:8080;
    }

    location /websockify {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://$upstream:8080/websockify;
       proxy_http_version 1.1;
       proxy_buffering off;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_read_timeout 86400;
    }
}