Comments (16)
Yes, I will fix this!
from docker-mkvtoolnix.
Fixed in the latest image :)
from docker-mkvtoolnix.
Websocket needs to be proxied:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
[...]
location /websockify {
proxy_pass http://mkvtoolnix.mywebsite.com:5900;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 86400;
}
}
But unless you are using Nginx to proxy multiple thing, a much easier way is to enable the Secure connection. All you need to do then is to provide your certificates and forward the correct port on your router.
from docker-mkvtoolnix.
Yes I'm reverse proxying quite a few docker containers.
That said, I still couldn't make the proxying work with the addition config you provided.
Also I'm a bit confused on the
proxy_pass http://mkvtoolnix.mywebsite.com:5900;
line. Isn't port 5900 for VNC? In this case the access would be through the browser. From your documentation, port 5900 is optional if VNC isn't used.
Just to be clear, that's the final mkvtoolnix.conf with your added configs that I've used:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
return 301 https://$host$request_uri;
server_tokens off;
}
server {
listen 443 ssl http2;
server_tokens off;
server_name mkvtoolnix.mywebsite.com;
ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 30m;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://127.0.0.1:5800;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /websockify {
proxy_pass http://mkvtoolnix.mywebsite.com:5900;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 86400;
}
}
from docker-mkvtoolnix.
Yes, port 5900
is the VNC port and it accepts websocket connections. The websocket connection is initiated by the web browser.
The container already contains a running nginx instance, which forwards websocket connections to the internal vnc server. Thus, in this configuration, the VNC port is not needed from an external point of view.
However, since you are using your own nginx instance, you need to replicate what's done by the container. And since your nginx instance is outside the container, the VNC port of the container needs to be accessible externally.
I don't have all the details of your network, but instead of http://mkvtoolnix.mywebsite.com:5900
, you could try http://127.0.0.1:5900
, like the config for the web interface. In summary, the address you put there should reach the container. You can verify with a VNC client that port 5900
is working.
from docker-mkvtoolnix.
After looking more closely to the error shown in your screen shot, could you try to connect using:
https://mkvtoolnix.mywebsite.com:443
If this doesn't work, try:
https://mkvtoolnix.mywebsite.com?port=443
from docker-mkvtoolnix.
https://mkvtoolnix.mywebsite.com:443 didn't work
but https://mkvtoolnix.mywebsite.com/?port=443 does work!
Anyway to make it work with just https://mkvtoolnix.mywebsite.com ? It must be possible to have the ?port=443
portion be automatically added. I know this is more of a pure Nginx question at this point, which if you can't help with it's no problem.
from docker-mkvtoolnix.
Thanks a lot for the help!
from docker-mkvtoolnix.
Hi, I'm sorry to comment here but there is things I struggle to understand.
I'm on a Synology NAS and try to get it worked with reverse proxy, the part I should add is on the synology nginx conf or in nginx of the docker ?
from docker-mkvtoolnix.
You need to adjust the nginx config on your Synology (i.e. the config of your reverse proxy).
from docker-mkvtoolnix.
Ok thanks, that's what I thought but when I edited the conf I still get server disconnected, I might have done something wrong. Thanks again
from docker-mkvtoolnix.
Make sure to read this: https://github.com/jlesage/docker-mkvtoolnix#reverse-proxy
from docker-mkvtoolnix.
Yep I've copy/paste the content in my nginx conf.
Should I put something instead of the '[...]' ? I just removed it.
from docker-mkvtoolnix.
The [...]
is just to indicate that you may have to integrate with your existing config. So yes, just remove it.
from docker-mkvtoolnix.
Ok that's weird even with that, it says disconnected...
I attached my nginx.conf if you have time to take a look.
I will investigate more this afternoon but maybe you will see something I missed...
By the way thanks for the support and the great idea of this project ;)
from docker-mkvtoolnix.
Nothing obvious, but make sure to clear your browser's cache when trying new config.
from docker-mkvtoolnix.
Related Issues (20)
- I have something wrong with my mkvtoolnix in docker HOT 10
- Can the clipboard toolbar be fixed to the left or right side? HOT 7
- Container doesn't start correctly since v22.10.1: could not load 'app.dep': command failed (126) HOT 12
- Image failing to start on Synology DSM 6 since 23.01.1 update HOT 70
- Docker image won't start on DSM 7 HOT 1
- docker container stops after creating (exit code 134) HOT 2
- error [app ] qt.svg: :/icons/mkvtoolnix-gui/oxygen/edit-entry.svg:2766:6: Could not resolve property: #linearGradient4636 HOT 3
- After watchtower update the container last night i won't run HOT 2
- Issue with mkvtoolnix setting advanced HOT 8
- Ignore chown for certificate HOT 6
- [Bug] On my terramaster nas I have to delete container, image and config directory HOT 2
- [Bug] Files created are owned by root HOT 4
- Unable to install on Unraid HOT 4
- [Bug] "Unexpected error encountered: Script error." error on GUI HOT 2
- [Bug] Cannot read properties of null (reading,0,) HOT 2
- [Bug] mkvtoolnix browser UI failure HOT 7
- [Feature request] Two optimization requests regarding the clipboard HOT 1
- [Bug] Fail to start after updating to the latest version HOT 3
- [Feature request] Adapt the gui for phone use HOT 1
- [Bug] Getting constant MKVToolNix - Disconnected in google chrome HOT 30
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-mkvtoolnix.