Improve Remove Client Authentication Services

Hello,

I currently run Indigo behind an nginx reverse proxy. I also have SecuritySpy, Grafana and my Unifi controller setup the same way. Nginx requires authentication and uses SSL to secure the portals it proxies. To make this work right, I have to turn off authentication in Indigo. The problem I'm running into is port 1176. With authentication disabled for the internal web server it also disables authentication for remote Indigo clients.

My request is that these two "services" maintain their own authentication and authorization settings, I'd like to give access to the web portal without a password (because it's protected elsewhere) while still requiring a password for remote clients.

My additional request is that you allow us to choose an IP or Interface to bind the services too. I'd like port 8176 with no auth to only be available on 127.0.0.1. I'd like 1176, with auth, to be available on 0.0.0.0. Making those bindings configurable will be really really nice for my setup.

Thanks!

[jay (support)]

Added to the request list. Thanks for the feedback.

One additional nice-to-have would be the addition of a root_url/base_url parameter. Indigo currently serves all pages from /. To make it work better with a reverse proxy it would be nice to change that to something like /indigo.

This is what I'm doing now to make it work.....

Code: Select all

        location ~ ^/(css/(dialog|fonts|controlpage4|indigo4|global4).css|js/(dialog|prototype)_pa.js|_get|controlpage|variables|devices|editvarpage|image|indigo|basicpage|actions|server(request|command)) {
                proxy_pass http://127.0.0.1:8176$request_uri;
        }

I find myself constantly adding to my nginx regex as I find new URIs that Indigo uses. Many more since I started writing new control pages.

If anyone is interested in running Indigo behind a reverse proxy, hit me up.

Still quite hopeful these features can be integrated; looking forward to the day I can protect my server with a password again!