Hello, Ajay, and other guys here :)
I'm having some troubles with the HTTPS configuration.
I have installed your containers on an Intel machine, building them, as you
know.
Now I'm trying to get my OpenWRT devices into OpenWisp.
I cannot, because I'm trying to get there by HTTP.
logread | grep openwisp
says:
Wed May 8 23:18:15 2019 daemon.info openwisp: Registering device...
Wed May 8 23:18:15 2019 daemon.err openwisp: Invalid url: missing
X-Openwisp-Controller header
But I'm not sure how to set the certificates on your NGINX server.
So, I have tried to get into it using a reverse proxy.
I have a machine, 192.168.1.2, that responds to mydomain.com
I'm trying to tell it something like "When somebody asks
mydomain.com/openwisp2, go to my OpenWISP machine (it's 192.168.1.10), port
8080."
But I cannot, because I don't know how to do that.
I've tried several configs in NGINX, the last I've tried:
location /openwisp2 {
rewrite ^/openwisp2(.+)$ /admin/$1 break;
proxy_pass http://192.168.1.10:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
Do you know what I'm doing wrong?
Thank you very much,
Oscar
El diumenge, 28 abril de 2019 1:44:58 UTC+2, Ajay Tripathi va escriure:
>
> Hello,
>
> Regarding the implementation of the SSL, currently I am planning to make
> secure connections to:
>
> 1. postgresql-server
> 2. redis
> 3. uswgi protocol
> 4. nginx
>
> (1) Secure connection to postgresql-server has been done by @2stacks in on
> of the example[1], I am planning to implement that soon.
>
> (2) & (3) redis and uswgi protocol don't seem to have a support for any
> native method for secure connections, all I could find was stunnel to
> secure the connections.
> Something to note about stunnel is that it's distributed under GNU GPL
> version 2 or later with OpenSSL exception
> <https://www.stunnel.org/sdf_copying.html> but stunnel is not a community
> project.
>
> (4) While researching about how to automatically renew the certificates on
> kubernetes, I found cert-manager[2] that can be installed from helm.
> cert-manager looks like a good option to me.
>
> Please review it and let me know your thoughts on it.
>
>
> Thank You,
> Ajay
>
> ---
> Ref:
> [1]: https://github.com/2stacks/freeradius-django
> [2]: https://github.com/jetstack/cert-manager
>
>
--
You received this message because you are subscribed to the Google Groups
"OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to openwisp+unsubscr...@googlegroups.com.
To view this discussion on the web, visit
https://groups.google.com/d/msgid/openwisp/d502bea6-b558-49b2-918b-eb4ad3a00bc0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
