[OSRM-talk] TLS & Reverse Proxy of OSRM front end

Tom Lawson tomlawson at tuta.io
Fri Apr 16 10:59:29 UTC 2021 

Hi Nikhil,

It be interesting to see — I’m obviously missing something somewhere as it’s usually reasonably straight forward! 

cheers,
Tom. ------------------

I'm not a tinfoil hat kind of guy, but data privacy is a rapidly growing issue. Most 'free' services are are actually paid for with your privacy. Did you know Google, Microsoft, Yahoo etc all scan your email, its attachments etc and use it to profile you? 

Four quick steps: 
1. Get free encrypted email @ www.tutanota.com <http://www.tutanota.com>. 
2. Change your DNS to Quad9 @ www.quad9.net <https://www.quad9.net/>
3. Switch browser to Firefox @ www.mozilla.org/en-GB/firefox/new <https://www.mozilla.org/en-GB/firefox/new/>/
4. Install Cloudflare WARP on your phone @ blog.cloudflare.com/1111-warp-better-vpn/ <https://blog.cloudflare.com/1111-warp-better-vpn/>



16 Apr 2021, 07:23 by nikhil.js at gmail.com:

> Hi Tom,
>
> On a Ubuntu server with Apache server setup, I'm able to reverse-proxy any application deployed on a port number to a domain / subdomain path comfortably. So, I can deploy osrm frontend and backend on proper https:// urls.
>
> I've done the same in nginx also earlier, but that requires some headache work to ensure the url params get through, and I decided apache was simpler for me.
>
> I have no idea about your config though; I don't think the same things I did will apply to your case. 
>
> But let me know if you or anyone on the list wants to see what works at apache side.
> --
> Cheers,
> Nikhil VJ
> https://nikhilvj.co.in
>
>
> On Fri, Apr 16, 2021 at 5:34 AM Tom Lawson via OSRM-talk <> osrm-talk at openstreetmap.org> > wrote:
>
>> Hi all, 
>>
>> I have an install of OSRM running in the following setup:
>>
>> Cloudflare -> OPNsense firewall -> Debian10 VM (Srv 1) -> Traefik container (Srv1) -> OSRM Front End container (Srv1) -> OSRM backend (Srv 2)
>>
>> It works perfectly on LAN, HTTP only: http://<ip>:9966
>>
>> OSRM Front End container (Srv1) -> OSRM Back End container (Srv2)
>>
>> I cannot seem to proxy it though to be served at a subdomain with TLS: >> https://maps.example.com
>>
>> Traefik rules are good; I used the same rules with other HTTP service no problem. Cloudflare is turned off entirely (DNS only) for maps subdomain. It doesn't seem to matter what config I use, I cannot get reverse proxy to work? 
>>
>> Is anyone else running their OSRM Front End behind reverse proxy successfully? Is it possible to configure TLS in NodeJS on OSRM container? 
>>
>> Thanks, 
>> Tom
>>
>> ------------------
>>
>> I'm not a tinfoil hat kind of guy, but data privacy is a rapidly growing issue. Most 'free' services are are actually paid for with your privacy. Did you know Google, Microsoft, Yahoo etc all scan your email, its attachments etc and use it to profile you? 
>>
>> Four quick steps: 
>> 1. Get free encrypted email @ >> www.tutanota.com <http://www.tutanota.com>>> . 
>> 2. Change your DNS to Quad9 @ >> www.quad9.net <https://www.quad9.net/>
>> 3. Switch browser to Firefox @ >> www.mozilla.org/en-GB/firefox/new <https://www.mozilla.org/en-GB/firefox/new/>>> /
>> 4. Install Cloudflare WARP on your phone @ >> blog.cloudflare.com/1111-warp-better-vpn/ <https://blog.cloudflare.com/1111-warp-better-vpn/>
>> _______________________________________________
>>  OSRM-talk mailing list
>>  >> OSRM-talk at openstreetmap.org
>>  >> https://lists.openstreetmap.org/listinfo/osrm-talk
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/osrm-talk/attachments/20210416/b68b4f82/attachment-0001.htm>

More information about the OSRM-talk mailing list