Tutorial
Reference Manual
Installation
Tutorial
Reference Manual
Installation
The Apache reverse proxy can be used to secure the connection when you access resources over the Internet. This concern the CCDciel Status page and the ASCOM Remote devices.
You need a Apache web server running on a device accessible from the Internet, use the NAT configuration of your Internet router to forward the port 443 to this device.
Setup a default SSL Apache configuration, setup Let's Encrypt to get a certificate,
Install the module proxy_http in your Apache web server and add the following to a SSL virtual host configuration:
<Proxy *> Require all granted </Proxy> <Location /ccdciel/> AuthName "protected area" AuthType Basic AuthUserfile /.../.htpasswd Require user myuser ProxyPass http://192.168.1.10:3277/ ProxyPassReverse http://192.168.1.10:3277/ </Location>
Where “/…/.htpasswd” is the password file, “myuser” a user name in this file, “192.168.1.10” the IP address of the observatory computer running CCDciel.
Use the htpasswd command to generate the password file.
You can now access this page with the URL: https://myhome.server.dynamic.ip/ccdciel/ , give the password for myuser … et voila.
Use a configuration similar to above:
<Location /api/> AuthName "protected area" AuthType Basic AuthUserfile /.../.htpasswd Require user myuser ProxyPass http://192.168.1.104:11111/api/ ProxyPassReverse http://192.168.1.104:11111/api/ </Location>
The password file and user is the same as above, “192.168.1.104” is the IP address of the computer running the ASCOM Remote Server on port 11111.
To use this connection, setup the ASCOM remote protocol to https, the host to the IP of the web server, the port to 443 and the user/password defined in the .htpasswd file.
The ASCOM remote password is stored in the CCDciel configuration in the .credential file. It is not stored in clear text but it is better if you protect this file in some way, for example: chmod 600. And most important do not reuse the same password elsewhere.