Hello,
I have a problem with no display on my vmrc console.
I installed minione by default on debian 11.
My infrastructure is on vmware vcenter 8.
I have apache reverse proxy in 2.4 (another vm).
on my firewall the open ports are 443.
here is my vhost apache configuration and my sunstone server.conf
<VirtualHost *:443>
# Décommentez cette ligne et indiquez-y l'adresse courriel de l'administrateur du site
#ServerAdmin webmaster@my-domain.com
# Classique, votre nom de domaine
ServerName exemple.com
# Si jamais vous avez d'autres domaines renvoyant sur ce site, utilisez la dircetive ServerAlias
# Vous pouvez utiliser le joker * pour prendre en compte tout les sous-domaines
#ServerAlias www2.my-domain.com www.my-other-domain.com *.yet-another-domain.com
# L'emplacement des logs.
ErrorLog /var/log/apache2/monsite.tld-error.log
LogLevel warn
CustomLog /var/log/apache2/monsite.tld-access.log combined
# SSL magic
#
# Il est nécessaire d'activer SSL, sinon c'est http qui sera utilisé
SSLEngine On
# On autorise uniquement les clefs de cryptage longue (high) et moyenne (medium)
# SSLCipherSuite HIGH:MEDIUM
# On autorise SSLV3 et TLSv1, on rejette le vieux SSLv2
# SSLProtocol all -SSLv2
# La clef publique du serveur :
SSLCertificateFile /etc/apache2/ssl/XXXXXXXX.cer
# La clef privée du serveur:
SSLCertificateKeyFile /etc/apache2/ssl/XXXXXXXX.key
# Theses lines only apply of the rewrite module is enabled.
# This is a security enhancement recommanded by the nessus tool.
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
#Ne commentez jamais cette ligne, elle évite que votre serveur soit utilisé comme proxy par des gens mal-intentionnés.
ProxyRequests Off
# Cetet option passe les nom d'hôte au serveur, ce qui vous permet d'utiliser également des hôtes virtuels sur le serveur principal.
ProxyPreserveHost On
# Les lignes classiques de proxy. Comme dit au dessus, on passe le flux en http.
ProxyPass / http://XXXXXX:2616/
ProxyPassReverse / http://XXXXXXX:2616/
# Autoriser l'accès au contenu à travers le proxy.
#Ne l'enlevez pas si vous voulez que le site fonctionne !
<Location />
--------------------------------------------------------------------------
Copyright 2002-2022, OpenNebula Project, OpenNebula Systems
Licensed under the Apache License, Version 2.0 (the “License”); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an “AS IS” BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
#--------------------------------------------------------------------------- #
################################################################################
Server Configuration
################################################################################
Directory to store temp files when uploading images
:tmpdir: /var/tmp
OpenNebula sever contact information
:one_xmlrpc: http://localhost:2633/RPC2
:one_xmlrpc_timeout: 60
:subscriber_endpoint to subscribe for OpenNebula events must match those in
oned.conf
:subscriber_endpoint: tcp://localhost:2101
Server Configuration
:host: 0.0.0.0
:port: 80
Place where to store sessions, this value can be memory, memcache or memcache-dalli
Use memcache when starting multiple server processes, for example,
with passenger
NOTE. memcache needs a separate memcached server to be configured. Refer
to memcached documentation to configure the server.
:sessions: memory
Memcache configuration
:memcache_host: localhost
:memcache_port: 11211
:memcache_namespace: opennebula.sunstone
Excution environment for Sunstone
dev, Instead of pulling the minified js all the files will be pulled (app/main.js)
Check the Building from Source guide in the docs, for details on how to run
Sunstone in development
prod, the minified js will be used (dist/main.js)
:env: ‘prod’
Maximum allowed size of uploaded images (in bytes). Leave commented for
unlimited size
:max_upload_file_size: 10737418240 # 10 GiB
################################################################################
Log
################################################################################
Log debug level
0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG
System
- file: log to log file
- syslog: log to syslog
:log:
:level: 3
:system: ‘file’
################################################################################
Proxy
################################################################################
Enable an http proxy for the support portal and to download MarketPlaceApps
from the MarketPlace to the user’s desktop.
:proxy: http://:
:no_proxy: localhost, 127.0.0.0/8
################################################################################
Auth
################################################################################
Authentication driver for incoming requests
sunstone: for OpenNebula’s user-password scheme
x509: for x509 certificates based authentication
opennebula: the authentication will be done by the opennebula core using the
driver defined for the user
remote: performs the login based on a Kerberos REMOTE_USER variable or
X-Auth-Username header provided by authentication backend
:auth: opennebula
Authentication driver to communicate with OpenNebula core
cipher, for symmetric cipher encryption of tokens
x509, for x509 certificate encryption of tokens
:core_auth: cipher
Two Factor Authentication Issuer Label
:two_factor_auth_issuer: opennebula
################################################################################
WebAuthn
################################################################################
This value needs to match window.location.origin evaluated by the User Agent
during registration and authentication ceremonies. Remember that WebAuthn
requires TLS on anything else than localhost.
:webauthn_origin: http://localhost:9869
Relying Party name for display purposes
:webauthn_rpname: ‘OpenNebula Cloud’
Optional client timeout hint, in milliseconds. Specifies how long the browser
should wait for any interaction with the user.
:webauthn_timeout: 60000
Optional differing Relying Party ID
See Web Authentication: An API for accessing Public Key Credentials - Level 2
:webauthn_rpid: example.com
Supported cryptographic algorithms
See JSON Object Signing and Encryption (JOSE)
Possible is any list of
ES256 | ES384 | ES512 | PS256 | PS384 | PS512 | RS256 | RS384 | RS512 | RS1
:webauthn_algorithms: [ES256, PS256, RS256]
################################################################################
UI Settings
################################################################################
:vnc_proxy_
port: port where the vnc proxy will listen. Could be prefixed with
an address on which the sever will be listening (ex: 127.0.0.1:29876).
support_wss: no | yes | only. For yes and only, provide path to
cert and key. “yes” means both ws and wss connections will be
supported.
cert: Certificate to encrypt wss connections.
key: Key for wss connections. Only necessary if not included in cert.
ipv6: Enable ipv6 support for novnc-server
:vnc_client_port: port where the vnc JS client will connect
If not set, will use the port section of :vnc_proxy_port
:vnc_request_password: true | false
Request VNC password for external windows, by default it will not be requested
:allow_vnc_federation: yes | no
Allow VNC functionality in remote OpenNebula in a federation (needs special setup)
:vnc_proxy_port: 29876
:vnc_proxy_support_wss: no
:vnc_proxy_cert:
:vnc_proxy_key:
:vnc_proxy_ipv6: false
:vnc_request_password: false
:allow_vnc_federation: no
Login Session Length in seconds, defaults to 1 hour.
#:session_expire_time: 3600
True to display ‘Keep me logged in’ option.
:keep_me_logged: true
Default language setting
:lang: en_US
Default table order
:table_order: desc
Default views directory
:mode: ‘mixed’
Retrieve extended information from OpenNebula
:get_extended_vm_info: false
Retrieve extended information about monitoring from OpenNebula
:get_extended_vm_monitoring: false
this is for custom paginate
:paginate: “[[6, 12, 36, 72], [6, 12, 36, 72]]”
this display button and clock icon in table of vm
:leases:
suspend:
time: “+1209600”
color: “#000000”
warning:
time: “-86400”
color: “#085aef”
terminate:
time: “+1209600”
color: “#e1ef08”
warning:
time: “-86400”
color: “#ef2808”
This disable the information sending via URL to Guacamole console
:disable_guacamole_info_header: no
This change the thresholds of dashboard resource usage
:threshold_min: 0
:threshold_low: 33
:threshold_high: 66
#support filesystem
:support_fs:
- ext4
- ext3
- ext2
- xfs
################################################################################
Check Official support
################################################################################
#:token_remote_support:
################################################################################
OneFlow
################################################################################
OneFlow endpoint
:oneflow_server: http://localhost:2474/
################################################################################
Routes
################################################################################
Array of files containing ruby code to extend the default sunstone-server
routes. These files must be placed inside the custom_routes directory
in the sunstone root dir (/usr/lib/one/sunstone/routes)
Example:
$ ls /usr/lib/one/sunstone/routes
custom.rb other.rb
$ cat /usr/lib/one/sunstone/routes/example.rb
get ‘/custom’ do
body “It works”
end
#:routes:
- custom
- other
:routes:
- oneflow
- vcenter
- support
- nsx
################################################################################
FireEdge
################################################################################
:private_fireedge_endpoint: http://127.0.0.1:2616
:public_fireedge_endpoint: http://exemple.com:2616
Order deny,allow
Allow from all
</VirtualHost>
Can you tell me why nothing is showing in my vmrc console ?
Thank you