0 | I am trying to secure access to some shiny apps being served over our web server via https and using auth0 for login. Shiny apps don't work over https, though they work over http. System info:
console.log link https://gist.github.com/vasantm/4339b248143fa6b3f8c4d0f1773f33e9 site.conf link https://gist.github.com/vasantm/d98c8ae9de8a8667d9d2e6e59945de62 shiny-server.conf link https://gist.github.com/vasantm/43a94acd7b9fcf573cdea2a200218425. I used this reference to configure nginx and shiny Running Shiny Server with a Proxy Any clues to get shiny working over SSL? |
http {log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;error_log /var/log/nginx/error.log warn;sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;types_hash_max_size 2048;include /etc/nginx/mime.types;default_type application/octet-stream;# Load modular configuration files from the /etc/nginx/conf.d directory.# for more information.include /etc/nginx/conf.d/*.conf;map $http_upgrade $connection_upgrade {default upgrade;'' close;}
server {listen 80 default_server;listen [::]:80 default_server;server_name kristallab.bwh.harvard.edu;return 301 https://$server_name$request_uri;location / {#rewrite ^/shiny/(.*)$ /$1 break;proxy_pass http://127.0.0.1:3838;proxy_redirect http://127.0.0.1:3838/ $scheme://$server_name/;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection $connection_upgrade;proxy_read_timeout 20d;}}# Settings for a TLS enabled server.#server {#SSL configlisten 443 ssl http2 default_server;listen [::]:443 ssl http2 default_server;ssl_certificate /etc/pki/tls/certs/kristallab.bwh.harvard.edu_bundle.crt;ssl_certificate_key /etc/pki/tls/private/kristallab.bwh.harvard.edu.key;ssl_session_cache shared:SSL:10m;ssl_session_timeout 10m;ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK';ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on;ssl_stapling on; # Requires nginx >= 1.3.7ssl_stapling_verify on; # Requires nginx => 1.3.7add_header Strict-Transport-Security max-age=15768000;#Server name is our external domain nameserver_name kristallab.bwh.harvard.edu;# Root locationroot /usr/share/nginx/html;# files to serveindex index.html index.htm#Load configuration files for the default server block.include /etc/nginx/default.d/*.conf;access_log /var/log/nginx/our_site_443.log main;error_log /var/log/nginx/our_site_443_err.log warn;# Open shiny server - for public appslocation / {#rewrite ^/shiny/(.*)$ /$1 break;proxy_set_header Host $server_name;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_pass http://127.0.0.1:3838;#proxy_http_version 1.1;#proxy_set_header Upgrade $http_upgrade;#proxy_set_header Connection $connection_upgrade;proxy_read_timeout 90;proxy_redirect http://127.0.0.1:3838/ $scheme://$server_name/;}
To view this discussion on the web visit https://groups.google.com/d/msgid/shiny-discuss/05d8225c-8284-4e32-93bc-235c47eff262%40googlegroups.com.--
You received this message because you are subscribed to a topic in the Google Groups "Shiny - Web Framework for R" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/shiny-discuss/-E2pm6VJxRs/unsubscribe.
To unsubscribe from this group and all its topics, send an email to shiny-discuss+unsubscribe@googlegroups.com.
To unsubscribe from this group and all its topics, send an email to shiny-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/shiny-discuss/05d8225c-8284-4e32-93bc-235c47eff262%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Shiny - Web Framework for R" group.
To unsubscribe from this group and stop receiving emails from it, send an email to shiny-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/shiny-discuss/CA%2B2i%3DBWaYEK79q_foeOP6iPrXeiuYmnvHZDuYQziUGjtNvR1FA%40mail.gmail.com.