[FEAT] VNC over HTTP

Question

[FEAT] VNC over HTTP

Closed this issue 10 months ago · 6 comments

Is this a new feature request?

I have searched the existing issues

Wanted change

I have a few different docker containers running locally - using an nginx reverse proxy to throw my wildcard SSL cert on each at the host-nginx level. This removes the need of embedding certs in each container, provided their ports are only mapped to 127.0.0.1:<PORT>. This process has been working great up until this image.

I'd like to have an option to expose the non-ssl port (I believe TCP 9080) instead of only the ssl port of 3001. This should be a relatively minor change, just exposing the additional port in the base image's Dockerfile.

Reason for change

By offering the end-user the option to use http for KasmVNC, they can choose their own certificates/reverse proxy to handle securing their container connection. While I recognize the security implications are significant - a documented, "Here be dragons" could be sufficient to dissuade non-technical users from the http option.

Proposed code change

I believe (but am not certain) this change would require altering a line to each Dockerfile on/around line 376:

EXPOSE 3000 3001 9080

Answer 1 · 2023-11-15T23:42:09.000Z

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

Answer 2 · 2023-11-15T23:52:57.000Z

I'm pretty sure KasmVNC doesn't have any options for using plain HTTP instead of HTTPS (See: https://github.com/kasmtech/KasmVNC/wiki ) - though would need confirmation from someone else within the team.

Answer 3 · 2023-11-16T00:08:05.000Z

If that's the case, then I may have misread some of the container's nginx config.

If we can't expose http for KasmVNC, is there a way to allow for injecting a custom ssl cert/key?

Edit: I'm happy to open a new issue for that ask if we want to keep this one limited to the original request.

Answer 4 · 2023-12-12T22:20:19.000Z

I'm confused port 3000 is http.

Answer 5 · 2024-01-12T17:52:51.000Z

This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

Answer 6 · 2024-03-16T17:59:19.000Z

This issue is locked due to inactivity