starred/webvirtcloud

Fork 0

mirror of https://github.com/retspen/webvirtcloud.git synced 2026-04-25 15:35:57 +03:00

[GH-ISSUE #460] problems with https #281

New issue

Open

opened 2026-02-27 15:58:06 +03:00 by kerem · 4 comments

kerem commented

2026-02-27 15:58:06 +03:00

Owner

Originally created by @mamema on GitHub (Aug 25, 2021).
Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/460

Hi,

i'm using the latest version in a docker container and i'm connecting via ssh to the host. As long as i'm in the LAN environment everything is working including novnc

As this setup should run behind a proxy (HAPROXY) i've tried to follow this example:
https://github.com/retspen/webvirtmgr/issues/253#issuecomment-36834638

but with enabled https isn't working:

also, it's odd that as soon i'm changing

Websock public host

WS_PUBLIC_HOST = to.some.domain.name

Websock Certificate for SSL

WS_CERT = /etc/nginx/cert/cert.pem #cert created as of documentation

the processes are spawning and dying

so 'im stuck here. Any hints?

Originally created by @mamema on GitHub (Aug 25, 2021). Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/460 Hi, i'm using the latest version in a docker container and i'm connecting via ssh to the host. As long as i'm in the LAN environment everything is working including novnc As this setup should run behind a proxy (HAPROXY) i've tried to follow this example: https://github.com/retspen/webvirtmgr/issues/253#issuecomment-36834638 but with enabled https isn't working: also, it's odd that as soon i'm changing # Websock public host WS_PUBLIC_HOST = to.some.domain.name # Websock Certificate for SSL WS_CERT = /etc/nginx/cert/cert.pem #cert created as of documentation the processes are spawning and dying so 'im stuck here. Any hints?

kerem commented

2026-02-27 15:58:06 +03:00

Author

Owner

@mamema commented on GitHub (Aug 27, 2021):

even though i have fixed the spawn errors (config typo in settings.py) it's still not working
it seems a widespread error with novncd via reverse proxies.....
tested with HAPROXy anf nginx always getting the 1006 error in the browser
whenever websockets and reverse proxy terms are used within Dr. Google the solutions are not there

@mamema commented on GitHub (Aug 27, 2021): even though i have fixed the spawn errors (config typo in settings.py) it's still not working it seems a widespread error with novncd via reverse proxies..... tested with HAPROXy anf nginx always getting the 1006 error in the browser whenever websockets and reverse proxy terms are used within Dr. Google the solutions are not there

kerem commented

2026-02-27 15:58:06 +03:00

Author

Owner

@catborise commented on GitHub (Aug 27, 2021):

did you check these posts: https://github.com/retspen/webvirtcloud/issues/173

@catborise commented on GitHub (Aug 27, 2021): did you check these posts: https://github.com/retspen/webvirtcloud/issues/173

kerem commented

2026-02-27 15:58:06 +03:00

Author

Owner

@mamema commented on GitHub (Aug 27, 2021):

yes, i have configured everything back and forth according to those post. unfortunately it is not working.
What i have learned during my 2 days googeling, is that other non webvirtcloud users (for example proxmox) are also having problems and it seems it have "something" to do with version. v4 (working) and v5 not working. As your link is an post from 2018, i guess this was the time where an older novnc release was still working

steps i have done:

Try 1 - leave nginx of webvirtcloud on port 80

publish port 80 and 6080 in docker
edit settings.py and modify:
- WS_PUBLIC_PORT = 80
- WS_PUBLIC_HOST = somedomain.com

..not working

Try 2 - leave nginx on port 80 but set everything else to cert based
- copy wildcard cert.crt/cert.key via cat > into cert.pem
- modify settings.py and modify
- WS_PUBLIC_PORT = 80
- WS_PUBLIC_HOST = somedomain.com
- WS_CERT = /path/to/cert.pem
- modify /opt/webvirtcloud/console/novcnd
- CERT = /path/to/cert.pem
- modifiy /etc/supervisor.d/webvirtcloud.ini
- add --cert /path/to/cert/cert.pem to novcd start path

..not working

Try 3 change nginx of webvirtcloud to port 443
- publish 443 also in docker
- add certs to the appropriate area in webvirtcloud nginx
- do everything else of try 2 except set WS_PUBLIC_PORT = 443

...not working

so i'm out of ideas....

@mamema commented on GitHub (Aug 27, 2021): yes, i have configured everything back and forth according to those post. unfortunately it is not working. What i have learned during my 2 days googeling, is that other non webvirtcloud users (for example proxmox) are also having problems and it seems it have "something" to do with version. v4 (working) and v5 not working. As your link is an post from 2018, i guess this was the time where an older novnc release was still working steps i have done: Try 1 - leave nginx of webvirtcloud on port 80 - publish port 80 and 6080 in docker - edit settings.py and modify: - WS_PUBLIC_PORT = 80 - WS_PUBLIC_HOST = somedomain.com ..not working Try 2 - leave nginx on port 80 but set everything else to cert based - copy wildcard cert.crt/cert.key via cat > into cert.pem - modify settings.py and modify - WS_PUBLIC_PORT = 80 - WS_PUBLIC_HOST = somedomain.com - WS_CERT = /path/to/cert.pem - modify /opt/webvirtcloud/console/novcnd - CERT = /path/to/cert.pem - modifiy /etc/supervisor.d/webvirtcloud.ini - add --cert /path/to/cert/cert.pem to novcd start path ..not working Try 3 change nginx of webvirtcloud to port 443 - publish 443 also in docker - add certs to the appropriate area in webvirtcloud nginx - do everything else of try 2 except set WS_PUBLIC_PORT = 443 ...not working so i'm out of ideas....

kerem commented

2026-02-27 15:58:06 +03:00

Author

Owner

@cyberfarer commented on GitHub (Apr 13, 2022):

Hi I just set this up using Nginx and SSL. WS_PUBLIC_PORT = 443 for me because I am accessing via HTTPS.

I don't think you require any cert info in your settings.py file because the certification, in my case, is handled by NGINX.

My nginx webvirtcloud.conf:

server {
    listen 80;
    server_name kvm.xxx.com;
    return 302 https://$server_name$request_uri;
}

server {
        listen 443 ssl http2;
        server_name kvm.xxx.com;
        client_max_body_size 50M;
        include snippets/restrict.conf;
        server_tokens off;
        access_log /var/log/nginx/error.log;
        access_log /var/log/nginx/default.log;
        expires -1;
        include conf.d/security.conf;

    	location /static/ {
        root /srv/webvirtcloud;
        expires max;
    }

    	location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $remote_addr;
        proxy_set_header X-Forwarded-Ssl off;
        proxy_connect_timeout 1800;
        proxy_read_timeout 1800;
        proxy_send_timeout 1800;
        client_max_body_size 1024M;
    }

    	location /novncd/ {
        proxy_pass http://127.0.0.1:6080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

	upstream wsnovncd {
      	server 127.0.0.1:6080;
}

*Note my certificate paths are in nginx.conf and look like this:

   ### SSL Settings
     
        ssl_certificate /etc/ssl/nginx/server.crt;
        ssl_certificate_key /etc/ssl/nginx/server.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
        ssl_prefer_server_ciphers on;

My settings.py file is default except for:
WS_PUBLIC_PORT = 443

It all works.

Good luck.

@cyberfarer commented on GitHub (Apr 13, 2022): Hi I just set this up using Nginx and SSL. WS_PUBLIC_PORT = 443 for me because I am accessing via HTTPS. I don't think you require any cert info in your settings.py file because the certification, in my case, is handled by NGINX. My nginx webvirtcloud.conf: ``` server { listen 80; server_name kvm.xxx.com; return 302 https://$server_name$request_uri; } server { listen 443 ssl http2; server_name kvm.xxx.com; client_max_body_size 50M; include snippets/restrict.conf; server_tokens off; access_log /var/log/nginx/error.log; access_log /var/log/nginx/default.log; expires -1; include conf.d/security.conf; location /static/ { root /srv/webvirtcloud; expires max; } location / { proxy_pass http://127.0.0.1:8000; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host:$server_port; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Ssl off; proxy_connect_timeout 1800; proxy_read_timeout 1800; proxy_send_timeout 1800; client_max_body_size 1024M; } location /novncd/ { proxy_pass http://127.0.0.1:6080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } upstream wsnovncd { server 127.0.0.1:6080; } ``` *Note my certificate paths are in nginx.conf and look like this: ``` ### SSL Settings ssl_certificate /etc/ssl/nginx/server.crt; ssl_certificate_key /etc/ssl/nginx/server.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; ssl_prefer_server_ciphers on; ``` My settings.py file is default except for: WS_PUBLIC_PORT = 443 It all works. Good luck.