Running behind a reverse Proxy

WebThings
#1

Running the IOT Gateway there are 2 options documented for access to the interface.

  1. Running through *.mozilla-iot.org
  2. Letting the gateway get certificates for its domain through LE

I seem to be using a third option (that does not work that well)
3. Running a reverse proxy server that forwards to the http implementation

It seems at least one protocol (wss) is used in the Javascript client side that then can not be redirected by the proxy. Most notably during the adding of devices.

Personally I prefer to keep all my servers contained behind a firewalled proxy, if there would be any possible solutions or people who ran in the similar issues I would like to know.

Proxy settings advice - things appear disconnected
#2

I’m not sure what you’re using as a reverse proxy, but NGINX can proxy websockets. I’ve used this with Docker containers in the past and it works well.

The tricky part for the gateway is that there is not a separate websocket path. Instead, websockets are opened to individual thing URLs, such as http://mygateway.mozilla-iot.org/things/mything

To work around this, you can probably use a conditional statement to proxy the websocket, rather than the HTTP connection, if the Upgrade header is present, similar to this solution.

#3

Sadly I am using Apache, which means ill have to do some figure out. But that just indicates a challenge :wink:

When I find a fix ill update here for others to find.