Serve ns-viewer over HTTPS

[hadillivvy]

I have a script on the production server that launches an ns-viewer process on demand and the ns-viewer command exposes the viewer on localhost port 7007. However, this connection is always HTTP and not HTTPS. I tried different ways to secure the connection but nothing is working. Any advice on how to achieve this?

[brentyi]

Hello!

A reverse proxy should work here, for example via NGINX:

• https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
• https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-with-ssl-as-a-reverse-proxy-for-jenkins

If you also need certificates, Let's Encrypt is popular: https://letsencrypt.org/

[hadillivvy]

Hi @brentyi

I tried the nginx reverse proxy approach and it worked but the problem is that I'm planning on launching multiple ns-viewer processes on the server and so I need to target the port in the URL as well and that's not working with HTTPS using the nginx reverse proxy approach. Is there a way to do it on my server like https://viewer.nerf.studio/ where I give it maybe the ws url or something and it displays the right nerf instead of giving it the port?

[Zunhammer]

Hi, I'm not sure if I get your problem right but nginx is able to work with different ports on the same server. You simply need to provide multiple configs listening to the different ports and then in the "proxy_pass" add the port of the ns-viewer instance. E.g.

server { # simple reverse-proxy
listen 7007;
[...]
location / {
proxy_pass http://127.0.0.1:7007;
}
}

and the next one like

server { # simple reverse-proxy
listen 7008;
[...]
location / {
proxy_pass http://127.0.0.1:7008;
}
}