Update Venue httpd config to support management rewrite rule

unity-sds / unity-cs

Unity Common Services

Apache License 2.0

0 stars 2 forks source link

Update Venue httpd config to support management rewrite rule #442

Closed galenatjpl closed 1 month ago

galenatjpl commented 2 months ago

We need to update the management console rewrite rule with something like:

<location /management>
   ...
  Substitute "s|/management|${var.project}/${var.venue}/management|ni"
</location>

or perhaps something like: https://github.com/unity-sds/unity-proxy/blob/bad3a320ec2cb3b2712646c4694f45c948b79d6b/README.md?plain=1#L35

This is because when the MC loads, it tries to access the JS resources at /management/..., instead of /unity/dev/management... This is the final step in getting the management console working from the shared services httpd.

This change, I think, should be made here: https://github.com/unity-sds/unity-proxy/blob/bad3a320ec2cb3b2712646c4694f45c948b79d6b/terraform-unity/ssm.tf#L24

A redeploy would be needed as well.

jpl-btlunsfo commented 2 months ago

per the slack thread, wouldn't this be accomplished in a more fluid manner by doing it in the shared services httpd config?

    <Location "/unity/dev/">
       ProxyPassReverse http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/
    <Location>
    <LocationMatch "^/unity/dev/(.*)$">
       ProxyPreserveHost on
       AuthType openid-connect
       Require valid-user

       # Added to point to httpd within the unity-venue-dev account
       ProxyPassMatch  "http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/$1"
       Substitute "s|\"/([^\"]*)|\"/unity/dev/$1|q"
    </LocationMatch>

galenatjpl commented 2 months ago

@jpl-btlunsfo , yes, as we discussed on slack, I think this is a good approach

jpl-btlunsfo commented 2 months ago

    <LocationMatch "^/unity/dev/(.*)$">
       ProxyPreserveHost on
       AuthType openid-connect
       Require valid-user

       # Added to point to httpd within the unity-venue-dev account
       ProxyPassMatch "http://unity-dev-httpd-alb-443241596.us-west-2.elb.amazonaws.com:8080/$1" upgrade=websocket
       AddOutputFilterByType INFLATE;SUBSTITUTE;DEFLATE text/html text/javascript
       Substitute "s|management/ws|unity/dev/management/ws|n"
       Substitute "s|\"/([^\"]+)\"(?!:)|\"/unity/dev/$1\"|q"
    </LocationMatch>

Current "working" configuration- I'm still seeing issues with the websocket tunneling at the moment, though.

galenatjpl commented 1 month ago

We settled on a new configuration that now works, and it has been merged into Unity proxy repo, which controls the SSM values (the base ones for the MC). So this ticket can be considered to be done.