[OSRM-talk] TLS & Reverse Proxy of OSRM front end

Fri Apr 16 17:04:39 UTC 2021

Sorry — you’re right I included little detail, bad question.  

Strong guesswork maybe though as you’re absolutely right, I thought the front end collected the routing data and then sent it to the browser client. 

Will make the back-end available to the browser and see if it works, thanks!! 

------------------

I'm not a tinfoil hat kind of guy, but data privacy is a rapidly growing issue. Most 'free' services are are actually paid for with your privacy. Did you know Google, Microsoft, Yahoo etc all scan your email, its attachments etc and use it to profile you? 

Four quick steps: 
1. Get free encrypted email @ www.tutanota.com <http://www.tutanota.com>. 
2. Change your DNS to Quad9 @ www.quad9.net <https://www.quad9.net/>
3. Switch browser to Firefox @ www.mozilla.org/en-GB/firefox/new <https://www.mozilla.org/en-GB/firefox/new/>/
4. Install Cloudflare WARP on your phone @ blog.cloudflare.com/1111-warp-better-vpn/ <https://blog.cloudflare.com/1111-warp-better-vpn/>

16 Apr 2021, 17:41 by osrm-talk at openstreetmap.org:

> You didn't actually say what doesn't seem to be working.  Are you getting the frontend UI to appear?  Is it just requesting routes that isn't working?
>
> One thing I will note that I'm _guessing_ might be your issue - when using `osrm-frontend`, it is no, itself, making requests to `osrm-backend` - requests are going from your _browser_ to `osrm-backend`, so you need to ensure that the backend service is available from your browser, and you've configured `osrm-frontend` to tell your browser the correct URL to access the backend.
>
> daniel
>
> On Fri, Apr 16, 2021 at 4:03 AM Tom Lawson via OSRM-talk <> osrm-talk at openstreetmap.org> > wrote:
>
>> Hi Nikhil,
>>
>> It be interesting to see — I’m obviously missing something somewhere as it’s usually reasonably straight forward! 
>>
>> cheers,
>> Tom. 
>> ------------------
>>
>> I'm not a tinfoil hat kind of guy, but data privacy is a rapidly growing issue. Most 'free' services are are actually paid for with your privacy. Did you know Google, Microsoft, Yahoo etc all scan your email, its attachments etc and use it to profile you? 
>>
>> Four quick steps: 
>> 1. Get free encrypted email @ >> www.tutanota.com <http://www.tutanota.com>>> . 
>> 2. Change your DNS to Quad9 @ >> www.quad9.net <https://www.quad9.net/>
>> 3. Switch browser to Firefox @ >> www.mozilla.org/en-GB/firefox/new <https://www.mozilla.org/en-GB/firefox/new/>>> /
>> 4. Install Cloudflare WARP on your phone @ >> blog.cloudflare.com/1111-warp-better-vpn/ <https://blog.cloudflare.com/1111-warp-better-vpn/>
>>
>>
>>
>> 16 Apr 2021, 07:23 by >> nikhil.js at gmail.com>> :
>>
>>> Hi Tom,
>>>
>>> On a Ubuntu server with Apache server setup, I'm able to reverse-proxy any application deployed on a port number to a domain / subdomain path comfortably. So, I can deploy osrm frontend and backend on proper https:// urls.
>>>
>>> I've done the same in nginx also earlier, but that requires some headache work to ensure the url params get through, and I decided apache was simpler for me.
>>>
>>> I have no idea about your config though; I don't think the same things I did will apply to your case. 
>>>
>>> But let me know if you or anyone on the list wants to see what works at apache side.
>>> --
>>> Cheers,
>>> Nikhil VJ
>>> https://nikhilvj.co.in
>>>
>>>
>>> On Fri, Apr 16, 2021 at 5:34 AM Tom Lawson via OSRM-talk <>>> osrm-talk at openstreetmap.org>>> > wrote:
>>>
>>>> Hi all, 
>>>>
>>>> I have an install of OSRM running in the following setup:
>>>>
>>>> Cloudflare -> OPNsense firewall -> Debian10 VM (Srv 1) -> Traefik container (Srv1) -> OSRM Front End container (Srv1) -> OSRM backend (Srv 2)
>>>>
>>>> It works perfectly on LAN, HTTP only: http://<ip>:9966
>>>>
>>>> OSRM Front End container (Srv1) -> OSRM Back End container (Srv2)
>>>>
>>>> I cannot seem to proxy it though to be served at a subdomain with TLS: >>>> https://maps.example.com
>>>>
>>>> Traefik rules are good; I used the same rules with other HTTP service no problem. Cloudflare is turned off entirely (DNS only) for maps subdomain. It doesn't seem to matter what config I use, I cannot get reverse proxy to work? 
>>>>
>>>> Is anyone else running their OSRM Front End behind reverse proxy successfully? Is it possible to configure TLS in NodeJS on OSRM container? 
>>>>
>>>> Thanks, 
>>>> Tom
>>>>
>>>> ------------------
>>>>
>>>> I'm not a tinfoil hat kind of guy, but data privacy is a rapidly growing issue. Most 'free' services are are actually paid for with your privacy. Did you know Google, Microsoft, Yahoo etc all scan your email, its attachments etc and use it to profile you? 
>>>>
>>>> Four quick steps: 
>>>> 1. Get free encrypted email @ >>>> www.tutanota.com <http://www.tutanota.com>>>>> . 
>>>> 2. Change your DNS to Quad9 @ >>>> www.quad9.net <https://www.quad9.net/>
>>>> 3. Switch browser to Firefox @ >>>> www.mozilla.org/en-GB/firefox/new <https://www.mozilla.org/en-GB/firefox/new/>>>>> /
>>>> 4. Install Cloudflare WARP on your phone @ >>>> blog.cloudflare.com/1111-warp-better-vpn/ <https://blog.cloudflare.com/1111-warp-better-vpn/>
>>>> _______________________________________________
>>>> OSRM-talk mailing list
>>>> OSRM-talk at openstreetmap.org
>>>> https://lists.openstreetmap.org/listinfo/osrm-talk
>>>>
>>
>> _______________________________________________
>>  OSRM-talk mailing list
>>  >> OSRM-talk at openstreetmap.org
>>  >> https://lists.openstreetmap.org/listinfo/osrm-talk
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/osrm-talk/attachments/20210416/733eee75/attachment-0001.htm>