Nixpkgs: services/unifi: http://localhost:8443 returns invalid response, binary string

Created on 25 Jul 2019  Â·  6Comments  Â·  Source: NixOS/nixpkgs

I'm unsure if this is a UniFi bug or a nixpkgs bug; I do not have access to another system to test.

Describe the bug
Entering http://localhost:8443 for a UniFi controller service with default settings returns a binary string instead of the expected control panel. https://localhost:8443 works, however.

To Reproduce
Steps to reproduce the behavior:

  1. Add services.unifi.enable = true; to your system's configuration and rebuild.
  2. Try to access http://localhost:8443, alt.:
$ curl -s http://localhost:8443 --output - | xxd
00000000: 1503 0300 0202 0a                        .......

Expected behavior
I should be presented with the control panel, or be redirected to the https URL.

Metadata
system: "x86_64-linux", multi-user?: yes, version: nix-env (Nix) 2.2.2, channels(root): "nixos-19.03.173165.55b8860aa20, nixos-hardware", channels(tmplt): "nixos-19.03.173165.55b8860aa20", nixpkgs: /nix/var/nix/profiles/per-user/root/channels/nixos

bug
Source
picture tmplt

All 6 comments

cc @erictapen; maintainer.

tmplt picture tmplt on 25 Jul 2019

Ah yeah, that is an ongoing problem. Those bytes you are seeing are the TLS handshake, which of course makes no sense on an HTTP URL… So for some reason their webserver is not sensible wether a request comes via HTTP or HTTPS.

Only solution I see is to put it behind something like Nginx and do the redirect there, but I dislike the idea of putting that into the NixOS module, as it would mean bloat. For any change inside the application I don't have enough knowledge about the software yet.

pinging @0x4A6F, any idea?

erictapen picture erictapen on 25 Jul 2019

@Tmplt Try to use the http port (8080). This will redirect to https.

0x4A6F picture 0x4A6F on 25 Jul 2019
👍1

On 25-07-2019 13:24, Justin Humm wrote:

Ah yeah, that is an ongoing problem. Those bytes you are seeing are the TLS handshake, which of course makes no sense on an HTTP URL… So for some reason their webserver is not sensible wether a request comes via HTTP or HTTPS.

Only solution I see is to put it behind something like Nginx and do the redirect there, but I dislike the idea of putting that into the NixOS module, as it would mean bloat. For any change inside the application I don't have enough knowledge about the software yet.
Not necessarily a nixpkgs bug then. I'll have to remember to use https
or port 8080 as @0x4A6F pointed out.

Have this been reported upstream to Ubiquiti?

tmplt picture tmplt on 27 Jul 2019

Actually as I see the situation, this isn't a bug imo. It's just that both HTTP and HTTPS use non-standard ports and therefore make the http-https mishap more easy. When I access http://example.com:443/ I also get miscellaneous errors on many sites.

Still I have to admit that the TLS bytes are much more annoying compared to e.g. the Nginx error message.

https

I haven't reported anything to Ubiquiti yet.

erictapen picture erictapen on 28 Jul 2019

On 28-07-2019 02:23, Justin Humm wrote:

Actually as I see the situation, this isn't a bug imo. It's just that both HTTP and HTTPS use non-standard ports and therefore make the http-https mishap more easy. When I access http://example.com:443/ I also get miscellaneous errors on many sites.
Alright. This issue can be closed as far as I am concerned.

tmplt picture tmplt on 28 Jul 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

retrry picture retrry  Â·  3Comments
spacekitteh picture spacekitteh  Â·  3Comments
langston-barrett picture langston-barrett  Â·  3Comments
edolstra picture edolstra  Â·  3Comments
grahamc picture grahamc  Â·  3Comments