Proxying Websockets and QLC

Ask a generic question about the usage of QLC+, not related to a particular operating system
Forum rules
Post Reply
User avatar
sandinak
Posts: 191
Joined: Mon Apr 03, 2017 5:40 pm
Location: Yorktown, VA
Real Name: Branson Matheson
Contact:
Contact sandinak

Heya, So this is an interesting one. I am trying to allow my students to control a lab I have setup in the shop. To do this I have created a website on a virtually hosted machine that has a VPN back here to the shop and a running version of QLC. ( hidden behind a local BasicAuth ).
Using Apache httpd and config is thus:

Code: Select all

  RewriteEngine on
  RewriteCond ${HTTP:Upgrade} websocket [NC]
  RewriteCond ${HTTP:Connection} upgrade [NC]
  RewriteRule .* "wss:/192.168.1.15:9999/$1" [P,L]
 
  ProxyPass /qlcplusWS ws://192.168.1.15:9999/qlcplusWS retry=4
  ProxyPassReverse /qlcplusWS ws://192.168.1.15:9999/qlcplusWS retry=4

  # everything else
  ProxyPass / http://192.168.1.15:9999/
  ProxyPassReverse / http://192.168.1.15:9999/
So doing some testing and getting some interesting results:
  • at first startup of httpd... first client to connect wins and can run things.
  • local clients using the local address work just fine .. they can initiate control and it's reflected both places
  • second and subsequent remote client connects, no error but can't do anything except see the page. No change reflected.
  • subsequent local clients work just fine and do the Right thing(tm)
I am kinda sure this is apache having to deal with multiple source clients and the proxy not doing the right thing .. but was curious if anyone else has figured this one out before i go tcpdumpster diving and/or use the source luke.
Top
Sp4rKy
Posts: 46
Joined: Fri Oct 12, 2018 6:36 am
Real Name:

Hi,

more used to nginx than apache but:

* it seems you're missing a / in rewriterule (wss://)
* you have a mix of ws and wss, afaik qlc+ only uses insecure (ws)
*I *think* you have a mix of config between rewriterule and proxypass : your rewrite rule matchs everything

Can you try something like :

Code: Select all

  ProxyPass / http://192.168.1.15:9999/
  RewriteEngine on
  RewriteCond ${HTTP:Upgrade} websocket [NC]
  RewriteCond ${HTTP:Connection} upgrade [NC]
  RewriteRule ^/qlcplusWS.* "ws://192.168.1.15:9999/$1" [P,L]
?
Top
User avatar
sandinak
Posts: 191
Joined: Mon Apr 03, 2017 5:40 pm
Location: Yorktown, VA
Real Name: Branson Matheson
Contact:
Contact sandinak

Good finds! I adjusted things and I think I found the culprit

Code: Select all

x.x.x.x - - [25/Feb/2021:14:01:09 +0000] "GET /qlcplusWS HTTP/1.1" [b]401[/b] 381 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15"
The second connection is getting a 401 .. and a different Sec-WebSocket-Key on the connection. did some quick research and looks like this may be a common problem for multiple clients in QT. Gonna try with the built-in HTTP auth once I write a tool for creating/managing the password file from the C/L ;)
Top
Post Reply

Return to “Generic”