53 lines
1.4 KiB
Markdown
53 lines
1.4 KiB
Markdown
# Incus UI Setup via Traefik (Updated)
|
|
|
|
## Status: ✅ COMPLETED
|
|
|
|
### Configuration Method: TCP Passthrough
|
|
- **Domain**: https://incus.nsntr.id
|
|
- **Backend**: 148.251.14.221:8443
|
|
- **SSL**: Passthrough (preserves client certificate auth)
|
|
- **Authentication**: Client certificate required
|
|
|
|
### Traefik Configuration
|
|
```yaml
|
|
# TCP Router with SSL Passthrough
|
|
tcp:
|
|
routers:
|
|
incus-tcp-router:
|
|
rule: "HostSNI(`incus.nsntr.id`)"
|
|
service: incus-tcp-service
|
|
entryPoints:
|
|
- websecure
|
|
tls:
|
|
passthrough: true
|
|
|
|
services:
|
|
incus-tcp-service:
|
|
loadBalancer:
|
|
servers:
|
|
- address: "148.251.14.221:8443"
|
|
```
|
|
|
|
### Access Information
|
|
- **URL**: https://incus.nsntr.id
|
|
- **Authentication**: Client certificate from keychain required
|
|
- **Certificate**: Incus client certificate must be installed in browser
|
|
|
|
### How to Test Client Certificate
|
|
1. Ensure Incus client certificate is installed in browser keychain
|
|
2. Visit https://incus.nsntr.id
|
|
3. Browser should prompt for certificate selection
|
|
4. Select the Incus client certificate
|
|
5. Should access Incus UI directly
|
|
|
|
### Benefits of TCP Passthrough
|
|
- ✅ Preserves client certificate authentication
|
|
- ✅ Direct SSL connection to Incus API
|
|
- ✅ No SSL termination issues
|
|
- ✅ Full Incus API functionality
|
|
|
|
---
|
|
**Date**: $(date)
|
|
**Status**: Incus UI accessible with client certificate authentication
|
|
**Configuration**: TCP passthrough enabled
|