guest_worker/README.md
2019-11-01 17:02:38 +01:00

90 lines
2.1 KiB
Markdown

## Webserver
Webserver is published to the web trough ssh remote forward. In /etc/ssh/sshd_config set `GatewayPorts yes`.
Then start `autossh` to maintain the connection:
```bash
autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -R 8127:localhost:8888 here.rubenvandeven.com
```
To resolve the country the (imprecise) GeoLite2 Free Country dataset is used. Download it [from MaxMind](https://dev.maxmind.com/geoip/geoip2/geolite2/) and store it in the project root folder.
## Scanning
For scanning run visudo and add to the sudoers file:
```
mt ALL=(ALL) NOPASSWD: /usr/bin/scanimage
```
# Installation
Software dependencies:
- python3
- pipenv
- usbrelay
- autossh
Python deps:
```bash
pipenv install
```
## Usbrelay
When installing usbrelay
```
apt install usbrelay
```
And set udev rules to access the device by anyone, according to usbrelay docs:
```
SUBSYSTEM=="usb", ATTR{idVendor}=="16c0",ATTR{idProduct}=="05df", MODE="0666"
KERNEL=="hidraw*", ATTRS{busnum}=="1", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="05df", MODE="0666"
```
into `/etc/udev/rules.d/50-dct-tech-usb-relay-2.rules` and then reload rules:
```bash
sudo udevadm control --reload-rules && sudo udevadm trigger
```
## Apache on here.rubenvandeven.com
Unfortunately an SSH remote port-forward does change the ip of the requester into ::1/127.0.0.1. One solution would be to run a proxy on the server itself, which forwards a port to our server port, while adding a X-Forwarded-For header.
Example of apache host setup to forward remote port 8888 to local port 8127, to which we connect our (auto)ssh remote tunnel (see above).
```
Listen 8888
<VirtualHost *:8888>
Servername here.rubenvandeven.com
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:8127/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://localhost:8127/$1 [P,L]
ProxyPass / http://localhost:8127/
ProxyPassReverse / http://localhost:8127/
ProxyPreserveHost On
</VirtualHost>
```
requires `a2enmod rewrite proxy proxy_http proxy_wstunnel`