Hello,
I realise the last post was some time ago, but I’m also wrestling with the same problem. I want to host my OpenSprinkler setup over HTTPS, locally on my home network.
I have configured an instance of apache2 on my Raspberry Pi to host the UI assets and reconfigured OSPi to use it (with the help of a support ticket). I have tried various reverse proxy configuration (using Apache’s mod_proxy) and now have it mostly working.
The system appears to respond, but occasionally shows a generic “Network error” in the red ticker at the bottom of the OpenSprinkler UI (the same thing which shows if you have Raid delay set). I think this is possibly a problem with the “Weather Service” due to “mixed content” loading in the Browser, but I’m still trying to figure it out.
I stumbled through the official guide as it is lacking a lot of detail but eventually got the UI assets hosted
https://openthings.freshdesk.com/support/solutions/articles/5000164006-using-a-different-server-for-ui-assets
I then wrestled with the mod_proxy configuration and got the following to *mostly* work.
Firstly I have two DNS entries for the Raspberry Pi hosting this. For these examples they are “opensprinkler.lan” and “othername.lan”. both names resolve to the same IP, that of the Raspberry PI.
I then configured Apache for a basic SSL configuration (not documented here) using self-signed certificates for now (I’ll fix this later)
Then I enabled the following two “site” config files, after extracting the OSPi assets file in to /var/www/html
This is saved as ospi-assets-ssl.conf:
`
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName othername.lan
ServerAlias othername.lan
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<FilesMatch “\.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
DocumentRoot /var/www/html
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
</IfModule>
`
This is saved as reverseproxy-ssl.conf:
`
IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName opensprinkler.lan
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<FilesMatch “\.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:8008/
ProxyPassReverse / http://127.0.0.1:8008/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
</IfModule>
`
Then reloaded apache and tested.
I then configured my OpenSprinkler to use Javascript assets from https://othersite.lan/js . I had to do this by going to http://opensprinkler.lan:8008 (the insecure port I have OpenSprinkler run on) and I followed the instructions in the guide linked at the top of this post to change the JavaScript URL there.
As mentioned this *mostly* works. Occasional network errors occur but the interface otherwise seems to work.