C
Coder.com3w ago
Spiked_Grape

Kasm template / module

Hi I was trying to the kasm module and desktop enterprise container within envbox template. I can get the kasmvnc screen to come up but it always says cannot connect to server. Also I am trying to do this with subdomain = false
9 Replies
Codercord
Codercord3w ago
<#1303027009617920010>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
Spiked_Grape
Spiked_GrapeOP3w ago
Also I am running in azure aks
Phorcys
Phorcys3w ago
hey @Spiked_Grape, could you send a screenshot of the issue?
Spiked_Grape
Spiked_GrapeOP3w ago
There is just a red banner at the top of kasm that says failed to connect to server. What should the settings in kasm be under websocket drop down?
MrPeacock
MrPeacock2w ago
Hi @Spiked_Grape , we are facing the same issue when we try to open the KASM connection. We are behind WAP + WAF Kombi so access is protected. But if I use VPN then everything works as excepted. While KASM over WAP + WAF is currently not working we switched to novnc as an alternative solution. I could remember that with a lower version of KASM this was working once a time. Maybe give a try to downgrade KASM.
Spiked_Grape
Spiked_GrapeOP2w ago
I said TUN and FUSE to true on envbox. Could that be a problem? * I set
Phorcys
Phorcys2w ago
I don't think so, the issue is likely coming from the fact that you're using subdomain = false is there no way for you to switch to subdomains?
Spiked_Grape
Spiked_GrapeOP2w ago
We have coder enterprise licenses but our environment's cybersecurity team won't let us use wildcards. I can get to the kasmvnc ui on the path based like /apps/kasm or whatever but kasm isn't connected to the xfce desktop part We are following the enterprise desktop image and the kasm module etc. I say following because we just ripped out portions of the module due to airgapped environment. However, I am thinking that maybe for values need to added to this than are in the module https://www.kasmweb.com/kasmvnc/docs/latest/configuration.html
Phorcys
Phorcys2w ago
I see, path-based proxying is insecure due to the fact you can access the cookies from the Coder instance and other coder_apps inside any web-based coder_app, maybe let them know yes, for noVNC a workaround is needed to make path-based proxying work, I assume KasmVNC has the same issue given it's a fork let me find it https://github.com/uwu/basic-env/blob/59d7e8d9b0328ffa59654eb8de79f200a930fcd6/main.tf#L247-L257 try visiting the KasmVNC app and append ?path=<KasmVNC app path>/websockify
Want results from more Discord servers?
Add your server