Reverse Proxy Support #77
Comments
|
We haven't tested such a scenario to validate its support or not. |
|
Why not try to use Caddy as reverse proxy and the Caddy WebDAV plugin to stop using IIS at all. This would also get this project working in a container environment on Windows and Linux. |
|
@GeoSimos is there any windows only features besides NTLM i should worry about? When i enable anonymous auth and move the auth to nginx the IIS directory loads fine in a web browser. but the PE environment fails to load the files after authenticating. @FLeven i was also going to look into nginx TCP streaming as well. |
|
Use Xcady to compile a custom version ,include a webDAV Plugin. Caddy is a Webserver, with almost perfect default settings as Reverse Proxy. No reason to use nginx anymore. |
Hi @FLeven, have you tried this solution? Is it working with the NTLM authentication? |
We use https to connect to the Web Server that serves the deployment share, this is the first requirement, the second is WebDav for the directory listing and transfer (however we're in the process to move away from it, because it has its quirks and security issues). |
|
By the way @laramy2020, have you considered using a Dynamic DNS service to have a static hostname with a dynamic IP? This would eliminate the reverse proxy need. |
|
@GeoSimos not yet, first step was to move the current solution into a windows IIS container. |
Then you can use PSD without issues (initially), for the reverse proxy though, it will be a challenge but it is a very interesting project and would like more details about it if you reach to a workable level. We may include documentation how to do it in the solution. |
|
I will take a look at these options this weekend. Been busy between work and job hunting. will post any successes/roadblocks as I come into them |
|
so a progress goea, nginx stream gets closer, will test caddy this weekend,
Not Working
Possible not working
Would using a non-standard web port break this (in this case 8991) |
|
well new issue, cant boot my PSD iso in libvirt even with secureboot and emulated TPM. just gets stuck here with out the spinner |
|
moved to an archbox, that loaded, kinda |
Does your host allows Secure Boot for other Vendors like Microsoft? |
yes it does, i am booting both secureboot on and off, and it gets stuck in centos based hosts, arch seems to work fine. I have windows 11/server 2022 guest running, i guess it is some combo of windows 11 PE and centos 9 host Also had my first successful deployment to baremetal, so it works, currently figuring out how to cache the data now. caddyconfigs are frustrating even more so when the module you need/want is not apart of the core program. I will post my dockerfile for building a caddy container and the caddyfile i am currently using at some point today. |
|
So the caching config is kinda working, i am trying to understand how to configure it properly, but it seems to not cache the way i want it to |
Hi, would you mind to sharing how to make its work nginx ? i'm stuck with it |
I have tried to use nginx to reverse proxy this, but have ran into issues passing the credentials over due to how ntlm auth works, I have tried with disabling auth and allowing anonymous on IIS and both basic and digest auth on the nginx reverse proxy.
After filling out the credentials it just gets stuck on Verifying connection to https://site.website.tld/deploy
As for the reason for the reverse proxy:
my home isp changes ip pretty rapidly and the reverse proxy is hosted on a vps with a vpn tunnel back to my home lab.
The text was updated successfully, but these errors were encountered: