Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS for varnish-dashboard #14

Open
davidfrendo opened this issue Apr 7, 2017 · 6 comments
Open

HTTPS for varnish-dashboard #14

davidfrendo opened this issue Apr 7, 2017 · 6 comments

Comments

@davidfrendo
Copy link

I am trying to add HTTPS support by putting Apache in front to act as an HTTPS proxy. This is particularly desirable since the varnish-dashboard has a username and password and since it provides quite powerful access to Varnish.

While I can access the page, the functionality seems not to work, no stats are visible and functions do not work (tried Ping and Restart)

Attaching my Apache config file.

Many thanks in advance.

David

varnish-dashboard.txt
@avoinea
Copy link

avoinea commented May 16, 2018

@davidfrendo Did you manage to add HTTPS in front of it?!

@avoinea
Copy link

avoinea commented May 16, 2018

These lines are to be blamed:

varnish-dashboard/assets/js/main.js

Lines 370 to 372 in e2cc1c8

options.url = '//' + server.host + ':' + server.port + options.url;
} else {
options.url = '//' + server.host + options.url;

As it expects internal server to have https enabled.

@avoinea
Copy link

avoinea commented May 16, 2018

These lines are to be blamed:

Plus some missing headers.

@avoinea
Copy link

avoinea commented May 16, 2018

Ops:

Mixed Content: The page at 'https://varnish.example.com/?server=0' was loaded over HTTPS,
but requested an insecure XMLHttpRequest endpoint 'http://10.1.2.3:6085/status'. 
This request has been blocked; the content must be served over HTTPS.

@avoinea
Copy link

avoinea commented May 16, 2018

By default it works. The issue with @davidfrendo conf is that it redirects all calls to /html/:

ProxyPass / http://127.0.0.1:6085/html/
ProxyPassReverse / http://127.0.0.1:6085/html/

it should be:

ProxyPass / http://127.0.0.1:6085/
ProxyPassReverse / http://127.0.0.1:6085/

And then access it at https://varnish.example.com/html/

Or, if you want to access it at https://varnish.example.com add some rewrite conditions to redirect only html/css/js resources to http://127.0.0.1:6085/html/

When you have multiple servers within your dashboard, then your config.js for varnish.example.com should look like:

var config = {
	servers: [
        {
		name: "Varnish 1",
		host: 'varnish-1.example.com',
		port: 443,
		user: 'varnish',
		pass: 'secret'
	},
        {
		name: "Varnish 2",
		host: 'varnish-2.example.com',
		port: 443,
		user: 'varnish',
		pass: 'secret'
	}
],
...

And of course you can enable SSL on varnish-1.example.com and varnish-2.example.com via Apache, Nginx, HAProxy, etc.

@avoinea
Copy link

avoinea commented May 16, 2018

Or, to avoid sub-domains HTTPS setup, via path rewrites:

var config = {
	servers: [
        {
		name: "Varnish 1",
		host: 'example.com/varnish-1',
		port: null,
		user: 'varnish',
		pass: 'secret'
	},
        {
		name: "Varnish 2",
		host: 'example.com/varnish-2',
		port: null,
		user: 'varnish',
		pass: 'secret'
	}
],
...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@avoinea @davidfrendo