Based on my understanding Coreteza webapp is running under nodejs. If we directly expose nodejs to public access, it is easy being attacked. So I deploy Corteza in one namespace in Kubernetes and reverse proxy in other namespace with reverse proxy setting pointing to Corteza webapp root path. But when I come to Corteza deployment, I have no clue in setting of DOMAIN environment variables. I am thinking this DOMAIN env variables is the core piece of info how nodejs call javascript and other web components. But under cloud environment , how can we make this DOMAIN env variable dynamic to accept any request forward by reverse proxy?
I have an nginx reverse proxy and I set the DOMAIN variable for Corteza to the url I use to access the proxy. In my case it is all internal, but Corteza works just fine.
using subdomain or route level reverse proxy?
Iām using subdomains.
1 Like
in your .env file add this settings and will resolve
DOMAIN = 'corteza.mydomain.tld'
AUTH_BASE_URL ='https://corteza.mydomain.tld/auth'
AUTH_SESSION_COOKIE_SECURE = 'true' # Because I use https
HTTP_ADDR = 'LOCAL_IP_HERE:8585' # used with proxy for domain
also in your nginx
https://docs.cortezaproject.org/corteza-docs/2022.9/devops-guide/troubleshooting/index.html#ws-nginx-connection-fail
location /api/websocket {
proxy_pass http://server:80;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}
1 Like