wizzomafizzo / mrext

Collection of extensions and utilities for the MiSTer system.
GNU General Public License v3.0

Reverse Proxy support #23

Closed malantp closed 1 year ago

malantp commented 1 year ago

The app doesn't work behind a reverse proxy in HTTPS (probably because it uses an unsecured websocket?). This is more a quality of life improvement than a critical issue but it would be awesome to be able to access the frontend from a secured connection at some point.

And thank you very much for this amazing app, keep up the good work!

wizzomafizzo commented 1 year ago

Can you please describe your setup a little, how/why you use a reverse proxy? I am interested, but you're right, the websocket makes it a bit tricky.

If it's enough for you, I could probably make an SSL cert configurable in remote's ini file and let you specify the default endpoint names (the API and websocket addresses).

I did find more of a drop-in solution that Plex uses which I think would work with a reverse proxy, but it requires remote to have its own domain name and some small server infrastructure for maintaining DNS and registering certs. Downside is that's a maintenance cost that currently doesn't exist for me, and it requires remote to be online at least until the DNS is cached.

malantp commented 1 year ago

Thanks for your reply, here are some more details about my setup:

I have a homelab with my own domain name, and every website I host (domotic, cloud, NAS, etc.) is behind a reverse proxy (I use Nginx Reverse Proxy Manager), so I'm not bothered with the "unsecured connection warning" every time I go on a website. Thus, I can also use that reverse proxy to allow access to some friends (in this case, I wanted them to be able to browse my games and launch them when I stream, very niche I know, but fun).

When I go to the frontend in HTTPS using my domain name, the web interface shows up but nothing is working, and when I inspect the code in Firefox, I get an error message:

index-d141982e.js:260 Mixed Content: The page at 'https://mister.mydomain.com/control' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://mister.mydomain.com/api/ws'. This request has been blocked; this endpoint must be available over WSS.

I already experienced this issue on another project, and it was resolved just by changing "ws://" to "wss://" when using HTTPS. I wanted to try it but I have no way to change the address. I am no expert in websockets, so I don't know if there are more things to do in the backend.

Hope this helps.

wizzomafizzo commented 1 year ago

Wow that's really cool! I never even thought about it being used like that for streaming. I might need to have a think about it... there's quite a few reasons this could be difficult.

Absolute worst case I can expose the websocket address in the settings menu to be set by the user, but you would need to instruct your friends how to make this change on their end since it's client side only. I might be able to come up with a way to inject it from the mister side too.

Anyway, leave it with me. In the next couple days I should be putting out a new release and I'll try to at least fit in the possible workaround. I have a reverse proxy set up like yours so I will do some tests.

malantp commented 1 year ago

That's awesome! Thank you for your time, I'm looking forward to this, good luck 👍

wizzomafizzo commented 1 year ago

It bloody works. Amazing. I was so sure this wouldn't work!

So what I've done is added an option to let you configure the urls yourself in the settings page. But. I also made a change so that if the host url the client is served on is https (like through a reverse proxy), it will automatically change the websocket url to wss too.

So it turns out you probably won't even need to configure anything, it should automatically work for your friends. I just tried it with my own nginx-proxy-manager setup and it's working great.

I should have a release up in a day or two max.

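The scheme switch described in the comment above, as an added example that is not mrext's own code: the WebSocket URL is derived from the URL the page was served on, so an HTTPS page always gets a `wss://` endpoint and never triggers the mixed-content block. The function name `resolveWsUrl`, the `override` parameter (standing in for a user-configured URL) and the sample hosts are assumptions; only the `/api/ws` path and `mister.mydomain.com` come from the error message in the thread.

```javascript
// Added illustration; resolveWsUrl and its parameters are hypothetical names.
const WS_PATH = "/api/ws"; // path as shown in the Mixed Content error above

// pageHref: URL the frontend was loaded from (window.location.href in a browser).
// override: optional user-configured endpoint from a settings page.
function resolveWsUrl(pageHref, override) {
  const page = new URL(pageHref);
  const pageIsSecure = page.protocol === "https:";

  // Relative overrides resolve against the page, like the default path does.
  const ws = new URL(override || WS_PATH, page);

  // Map the HTTP schemes onto their WebSocket equivalents.
  if (ws.protocol === "http:") ws.protocol = "ws:";
  if (ws.protocol === "https:") ws.protocol = "wss:";

  // Anything else (ftp:, javascript:, ...) is not a WebSocket endpoint.
  if (ws.protocol !== "ws:" && ws.protocol !== "wss:") {
    throw new Error("unsupported websocket scheme: " + ws.protocol);
  }

  // A page served over HTTPS may not open ws://, so upgrade it. This also
  // covers a stale ws:// override saved before the proxy was put in front.
  if (pageIsSecure && ws.protocol === "ws:") ws.protocol = "wss:";

  return ws.href;
}

// Constructed sample inputs: one behind the TLS proxy, one direct on the LAN.
console.log(resolveWsUrl("https://mister.mydomain.com/control"));
console.log(resolveWsUrl("http://192.168.1.50:8182/control"));
```

The reverse proxy still has to forward the WebSocket upgrade for `/api/ws`; the client-side change only picks the right scheme.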

malantp commented 1 year ago

OMG, that rocks! I tested and it works like a charm! You work so fast though 🥇 Thanks :)

wizzomafizzo commented 1 year ago

You're very welcome!