Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Help needed] How can my web page use https? #134

Closed
Relaxo143 opened this issue Jun 13, 2019 · 8 comments
Closed

[Help needed] How can my web page use https? #134

Relaxo143 opened this issue Jun 13, 2019 · 8 comments

Comments

@Relaxo143
Copy link

I see that the demo site has a secure connection, but mine doesn't. How could I make this work? Also, when trying to open the rpc explorer I get a message that the function is disabled and I can enable it in the config.js file. However, I don't see anything there which I could change to modify this. I want no login prompts, but the safe RPCs to be accessible, Just like on the demo site. Helps would be appreciated.
@tyzoo
Copy link

tyzoo commented Jun 14, 2019

I think this should help:
Rename the '.env-sample' file to '.env'. Uncomment out the '#' on the following variables and add your credentials where applicable:

Host/Port to bind to

BTCEXP_HOST=0.0.0.0
BTCEXP_PORT=3002

Bitcoin RPC Credentials (URI -OR- HOST/PORT/USER/PASS)

#BTCEXP_BITCOIND_URI=bitcoin://rpcusername:[email protected]:8332?timeout=10000
BTCEXP_BITCOIND_HOST=localhost
BTCEXP_BITCOIND_PORT=8333
BTCEXP_BITCOIND_USER=
BTCEXP_BITCOIND_PASS=

Whether public-demo aspects of the site are active

BTCEXP_DEMO=true

Privacy mode disables:

Exchange-rate queries, IP-geolocation queries

BTCEXP_PRIVACY_MODE=false

Don't request currency exchange rates

BTCEXP_NO_RATES=false

@Relaxo143
Copy link
Author

I think this should help:
Rename the '.env-sample' file to '.env'. Uncomment out the '#' on the following variables and add your credentials where applicable:

Host/Port to bind to

BTCEXP_HOST=0.0.0.0
BTCEXP_PORT=3002

Bitcoin RPC Credentials (URI -OR- HOST/PORT/USER/PASS)

#BTCEXP_BITCOIND_URI=bitcoin://rpcusername:[email protected]:8332?timeout=10000
BTCEXP_BITCOIND_HOST=localhost
BTCEXP_BITCOIND_PORT=8333
BTCEXP_BITCOIND_USER=
BTCEXP_BITCOIND_PASS=

Whether public-demo aspects of the site are active

BTCEXP_DEMO=true

Privacy mode disables:

Exchange-rate queries, IP-geolocation queries

BTCEXP_PRIVACY_MODE=false

Don't request currency exchange rates

BTCEXP_NO_RATES=false

All of this is helpful but not in my case. I already have it set up. I just want to use rpcs without auth and to utilize https

@janoside
Copy link
Owner

@Relaxo143 The demo site is actually reverse-proxied to serve via HTTPS. I recommend you do the same if you'd like your site to be served securely. I recommend either apache or nginx as your reverse proxy and for both there should be many tutorials for setting this tool up for HTTPS. If you have your own domain, many modern tutorials will also step you through how to get your certificate automatically via Lets' Encrypt. I hope this helps. Feel free to let me know if you hit any specific snags.

@janoside
Copy link
Owner

Happy to re-open if further discussion is needed.

@snyk-bot snyk-bot mentioned this issue Mar 9, 2020
Merged
@mooleshacat
Copy link

mooleshacat commented Jun 25, 2020
edited
Loading

FWIW;

  • sudo apt -y install nginx-full python-certbot-nginx

  • nano /etc/nginx/sites-available/default

Leave the default config, scroll to the bottom, paste in at bottom and edit:

upstream explorer-servers {
	ip_hash;
	server srv1.example.com:3000 max_fails=1 weight=4;	
	server srv2.example.com:3000 max_fails=1 weight=2;
	server srv3.example.com:3000 max_fails=1 weight=1;		
}
server {

	server_name explorer.example.com; # managed by Certbot
	
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-Ssl on;

	location / {

		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header Host $host;

		proxy_pass http://explorer-servers;

		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";

		listen 80 default_server;
		listen [::]:80 default_server;

	}

  • systemctl enable nginx

  • systemctl restart nginx

  • certbot --nginx -d explorer.example.com

Done :)

@mooleshacat mooleshacat mentioned this issue Jun 25, 2020
Closed
@lucidprojects
Copy link

Sorry to revive an old thread but I'm trying to get a reverse proxy set up and can't seem to get the nginx set up correct.

I took the above but changed explorer-servers to srv1.MYDOMAIN.io:3000 etc

added to nginx default config

upstream explorer-servers {
        ip_hash;
        server srv1.MYDOMAIN.io:3000 max_fails=1 weight=4;
        server srv2.MYDOMAIN.io:3000 max_fails=1 weight=2;
        server srv3.MYDOMAIN.io:3000 max_fails=1 weight=1;
}

server {
        server_name explorer.MYDOMAIN.io; # managed by Certbot

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;

        location / {

                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;

                proxy_pass http://explorer-servers;
              
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";

                listen 80 default_server;
                listen [::]:80 default_server;

        }

when I try to restart nginx after enabling, it fails and systemctl status nginx.service shows

node0 systemd[1]: Starting A high performance web server and a reverse proxy server...
node0 nginx[12865]: nginx: [emerg] host not found in upstream "srv1.MYDOMAIN.io:3000" in /etc/nginx/sites-enabled/default:95
node0 nginx[12865]: nginx: configuration file /etc/nginx/nginx.conf test failed
node0 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
node0 systemd[1]: nginx.service: Failed with result 'exit-code'.
node0 systemd[1]: Failed to start A high performance web server and a reverse proxy server.

If I comment all that out nginx starts without issue and I can see the nginx start page on MYDOMAIN.io

Also not sure if this has any relevance but I am trying to run this on a headless pi. npm start of btc-rpc-explorer seems to work fine and shows the proper block height in logs etc

Any help appreciated.

@lucidprojects
Copy link

Ok I got it sorted by simplifying the above.

I'm adding what I ended up with in my default config here incase anyone else lands here and has issues.

server {
        server_name explorer.MYDOMAIN.io

        location / {
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;

                proxy_pass http://127.0.0.1:3002/;

                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }

   listen 80 default_server;
   listen [::]:80 default_server;

}

that passed nginx -t config test and the running the certbot set up worked without issue.

Thanks for the initial how to @leshacat

@janoside
Copy link
Owner

@lucidprojects Glad you figured this out and thanks for posting your solution for future searchers!

@snyk-bot snyk-bot mentioned this issue May 10, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@janoside @tyzoo @Relaxo143 @mooleshacat @lucidprojects and others