I’m trying to set up an app which will proxy to a service that requires SSL. I found this post:
and tried the solution there, but I still get
Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
In case it matters, the app in question (NoMachine) handles all authentication so all I really need to do here is reserve the node and produce a link that will reverse proxy to the web interface. Restricting the service to a specific user is something we’ll add later via Slurm prolog/epilog scripts to manage the nxserver config.
<p> The link below will launch your NoMachine Workstation desktop in a browser window/tab. If you'd prefer to use the NoMachine native client, create an ssh tunnel to the session: </p> <ol> <li><pre>ssh login-01 -L 24000:<%= host %>:4000</pre></li> <li>Add a NoMachine connection to "localhost" using port "24000" and the NX protocol.</li> </ol> <hr> <a href="/node/<%= host %>/<%= port %>" target="_blank" rel="noreferrer noopener">NoMachine Web Interface (node)</a> <hr> <a href="/rnode/<%= host %>/<%= port %>" target="_blank" rel="noreferrer noopener">NoMachine Web Interface (rnode)</a>
The submitted job just grabs the node with
--exclusive to make sure no one else can start jobs on it, starting
/opt/ood/mod_ood_proxy/lib/ood/proxy.lua I have added this:
function set_reverse_proxy(r, conn) -- find protocol used by parsing the request headers local protocol = (r.headers_in['Upgrade'] and "ws://" or "http://") if upstreamPort then -- If specified port was used, then use secure protocols if upstreamPort == '4443' then protocol = (r.headers_in['Upgrade'] and "wss://" or "https://") end end
SSLProxyEngine On is in the VirtualHost config.
I set the port in
# Export the module function if it exists [[ $(type -t module) == "function" ]] && export -f module export port=4443
When a session starts, the generated URLs in the view are:
Both producing the error I mentioned above.
I’m not sure where to look next for where this is going off the rails.