Closed galenatjpl closed 1 month ago
per the slack thread, wouldn't this be accomplished in a more fluid manner by doing it in the shared services httpd config?
<Location "/unity/dev/">
ProxyPassReverse http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/
<Location>
<LocationMatch "^/unity/dev/(.*)$">
ProxyPreserveHost on
AuthType openid-connect
Require valid-user
# Added to point to httpd within the unity-venue-dev account
ProxyPassMatch "http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/$1"
Substitute "s|\"/([^\"]*)|\"/unity/dev/$1|q"
</LocationMatch>
@jpl-btlunsfo , yes, as we discussed on slack, I think this is a good approach
<LocationMatch "^/unity/dev/(.*)$">
ProxyPreserveHost on
AuthType openid-connect
Require valid-user
# Added to point to httpd within the unity-venue-dev account
ProxyPassMatch "http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/$1" upgrade=websocket
AddOutputFilterByType INFLATE;SUBSTITUTE;DEFLATE text/html text/javascript
Substitute "s|management/ws|unity/dev/management/ws|n"
Substitute "s|\"/([^\"]+)\"(?!:)|\"/unity/dev/$1\"|q"
</LocationMatch>
Current "working" configuration- I'm still seeing issues with the websocket tunneling at the moment, though.
We settled on a new configuration that now works, and it has been merged into Unity proxy repo, which controls the SSM values (the base ones for the MC). So this ticket can be considered to be done.
We need to update the management console rewrite rule with something like:
or perhaps something like: https://github.com/unity-sds/unity-proxy/blob/bad3a320ec2cb3b2712646c4694f45c948b79d6b/README.md?plain=1#L35
This is because when the MC loads, it tries to access the JS resources at
/management/
..., instead of/unity/dev/management
... This is the final step in getting the management console working from the shared services httpd.This change, I think, should be made here: https://github.com/unity-sds/unity-proxy/blob/bad3a320ec2cb3b2712646c4694f45c948b79d6b/terraform-unity/ssm.tf#L24
A redeploy would be needed as well.