mapserver icon indicating copy to clipboard operation
mapserver copied to clipboard
verified publisher icon minetest-mapserver

reachable via HTTPS instead of HTTP ?

Open RonXTCdaBass opened this issue 1 year ago • 3 comments

Hello! I also use this map server on a small Windows 10 computer at home. Is it possible to access the map via https? Unfortunately, it is almost impossible to integrate it into my website using an iframe without security. I have no idea about compiling or programming, I could only use the finished release.

RonXTCdaBass avatar Jan 12 '25 13:01 RonXTCdaBass

the mapserver doesn't support TLS/HTTPS out of the box. Usually you would put a TLS/HTTP termination reverse proxy in front of it (i've used nginx and traefik in the past). I can only help you with a container setup though, haven't used it any other way, sorry :/

Are you trying to make your win 10 box reachable from the internet? :thinking:

BuckarooBanzay avatar Jan 12 '25 18:01 BuckarooBanzay

the mapserver doesn't support TLS/HTTPS out of the box. Usually you would put a TLS/HTTP termination reverse proxy in front of it (i've used nginx and traefik in the past). I can only help you with a container setup though, haven't used it any other way, sorry :/

Are you trying to make your win 10 box reachable from the internet? 🤔

Okay thanks at first! my server runs stable and is reachable from the internet nearly a year ^^ Map but i want to show the map in a phpbb which runs with https at my webspace. iframe with unsecure http dont shows...

i will come later back her. i must now (9 mins ago) short and fast out. ;)

RonXTCdaBass avatar Jan 13 '25 01:01 RonXTCdaBass

tldr; use a simple reverse proxy, like caddy (or the already mentioned nginx or traefik). see config example below

if you're going to be sharing several SSL services over the same box and domain, you're going to want to familiarize yourself with reverse proxies. im not even sure of another way to efficiently do this otherwise, to be honest.

containers, port redirection, and reverse proxies are your friends when connecting weird services together. I have Nextcloud, Coder, Jellyfin, Jellyseerr, Yamtrack, Ntfy, Bluemap, and mapserver all hosted off of the same box, iframed in various Nextcloud apps because they all use the same domain. i just containerize pretty much everything (using Docker and Podman), so forcing a program to use a specific port even if it doesn't support it is really easy (i just ask the container to bind to a different one). then you can just ask your reverse proxy to grab traffic from that port (maybe modify some headers if you need to) and serve it over your specified domain with SSL.

i have mapserver reverse proxied using caddy (which makes reverse proxying for like 99% of configurations a matter of like maybe 4 config lines at most). if you're running baremetal (no containers), your config would probably look something like:

mapserver.yourdomain.com {
    reverse_proxy localhost:8080
}

it really is that simple. if you're using something like caddy it will handle certs for you. just create DNS records for your domain, so it can discover itself and create its own certificate (I just use a AAAA/ipv6 record for auth). just check your caddy logs to ensure it can successfully discover itself through your DNS records. if it can't, it will probably tell you what it needs.

nickgirga avatar Dec 15 '25 03:12 nickgirga