I made a better remote-live-view page [OLD]

[bp2008]

I found a PC that yielded the login failure error message, yesterday, and indeed, it seems like Blue Iris wasn't following its own convention of always providing a reason when login fails. Updating to the latest version of BI did fix it.

 

[Mike A.]

If you have Blue Iris using a different web server root directory you can use that. Or you can put it in a subdirectory. Heck you can even run UI2 without a web server these days, just opening ui2.htm in a browser and it will function like a client app.

Well, that was easy. Not sure why I didn't do this long ago. Much better. Very nice job. Thanks!

 

[Jury]

Finally this cool GUI started to work for me. To avoid 403 error each user should have ui2.htm as home page. Then you don't need to provide it in address bar.

 

[bobfather]

@bp2008 - I noticed a few pages ago some talk about issues with hiding Blue Iris behind a reverse proxy. Did these ever get solved for using UI2?

The problem does seem to lay on Blue Iris, because even the mobile.htm page fails to come through with a pretty standard nginx reverse proxy configuration. I'm stumped though, because the Blue Iris app on iOS works perfectly well with a reverse proxy. In your investigation of this, did you ever come to a conclusion why viewing cams through a web browser would fail on a reverse proxy?

 

[Jury]

@bp2008 - I noticed a few pages ago some talk about issues with hiding Blue Iris behind a reverse proxy. Did these ever get solved for using UI2?

The problem does seem to lay on Blue Iris, because even the mobile.htm page fails to come through with a pretty standard nginx reverse proxy configuration. I'm stumped though, because the Blue Iris app on iOS works perfectly well with a reverse proxy. In your investigation of this, did you ever come to a conclusion why viewing cams through a web browser would fail on a reverse proxy?

I'm using via reverse proxy. The only thing I was not able to achieve is to use it via 443 with location instead of using separate port. But I didn't try this once again after last updates. Going to try this weekend.

 

[bobfather]

Weird. From UI2.htm I get:

Loading Web Content OK
Checking Session Status OK
Loading Server Status BUSY
Loading Camera List BUSY

Then Unable to contact Blue Iris Server pops up at bottom.

Would you mind posting your reverse proxy settings you have that work for you?

 

[Jury]

Weird. From UI2.htm I get:

Loading Web Content OK
Checking Session Status OK
Loading Server Status BUSY
Loading Camera List BUSY

Then Unable to contact Blue Iris Server pops up at bottom.

Would you mind posting your reverse proxy settings you have that work for you?

Sure. No problem. I'll post my config later in the evening. Just one thing. Nginx is on another machine (virtual). But should not be a case.

 

[bobfather]

Sure. No problem. I'll post my config later in the evening. Just one thing. Nginx is on another machine (virtual). But should not be a case.

Thank you! I also run nginx on a Hyper-V VM, and although it might be a configuration issue on my end, I'm inclined to believe that it might be the SSL that's mucking things up. I noticed you don't use SSL, right?

 

[Jury]

I'm using Let's encrypt signed certificates.

 

[bobfather]

I'm using Let's encrypt signed certificates.

I see. Well when you get a minute later I'd love to see the Blue Iris relevant parts of your config! Thanks so much!

 

[Frank Ecker]

I see. Well when you get a minute later I'd love to see the Blue Iris relevant parts of your config! Thanks so much!

I'm not the person to whom you replied but I can tell you that you can use Let's Encrypt certificates with stunnel but you need to generate your certificates using either 1) another web server such as nginx where you can post the challenge key in a known location (you can't do this with the BI web server) or 2) use the challenge method where you post a known txt record to your dns records.

Once you have your keys, you can use them in the stunnel config with

[Blue-Iris]
accept = 443
connect = 81
CApath = C:\Program Files\stunnel\config\
cert = C:\Program Files\stunnel\config\certX.crt.pem
key = C:\Program Files\stunnel\config\certX.key.pem

edit - if you are interested in generating LetsEncrypt certificates from and for your BI machine, you can install follow these instructions Quick Start · ebekker/ACMESharp Wiki · GitHub and use either a local nginx installation for method #2 or manually create dns records and use method #3.

 

[Jury]

I see. Well when you get a minute later I'd love to see the Blue Iris relevant parts of your config! Thanks so much!

server {
    listen {YOUR_EXTERNAL_PORT};
    ### Change the following line to match your website name

    # SSL Settings
    ### If you are using different names for your SSL certificate and key, change them below:
    ssl on;

    ssl_certificate /path_to/MY_CERT.crt;
    ssl_certificate_key /path_to/MY_KEY.key;

    # This settings are destined to limit the supported crypto suites, this is optional and may restrict the availability of your website.
    #ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    access_log /var/log/nginx/access_blueiris.log;
    error_log /var/log/nginx/error_blueiris.log;

    location / {
      tcp_nodelay             on;
      tcp_nopush              off;
      proxy_buffering         off;
      proxy_buffer_size 256k;
      proxy_buffers 4 512k;
      proxy_busy_buffers_size 512k;
      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      proxy_pass          http://{BI_LAN_IP_ADRESS}:81/;
      proxy_read_timeout  90;

      proxy_redirect      http://{BI_LAN_IP_ADRESS}:81/ https://{DOMAIN_NAME}:{YOUR_EXTERNAL_PORT}/;
    }
}

This is a code placed in conf (I named blueiris.conf) file inside sites-available foldef on Nginx. Of course you should have symlink in sites-enabled to this conf.
Of course restart Nginx after adding. Not sure about last "proxy_redirect". It left from old tries and I didn't cleaned a script.

 

[Jury]

I'm not the person to whom you replied but I can tell you that you can use Let's Encrypt certificates with stunnel but you need to generate your certificates using either 1) another web server such as nginx where you can post the challenge key in a known location (you can't do this with the BI web server) or 2) use the challenge method where you post a known txt record to your dns records.

Maybe this approach totally fine if you have to proxy ONLY BI. In my case it's plent of stuff proxied....

 

[bobfather]

Thanks for posting your configuration. It was very similar to my own, but even after adding the couple lines mine lacked, I still can't get UI2 to fully load correctly.

One big configuration difference I noticed is that you have your location as just <yourdomain>/, whereas my location is setup to be <mydomain>/blueiris/ - I did change the Virtual setting in the BI web configuration area to be /blueiris/, but no bueno. I wonder if that's where my trouble is?

 

[Jury]

Thanks for posting your configuration. It was very similar to my own, but even after adding the couple lines mine lacked, I still can't get UI2 to fully load correctly.

One big configuration difference I noticed is that you have your location as just <yourdomain>/, whereas my location is setup to be <mydomain>/blueiris/ - I did change the Virtual setting in the BI web configuration area to be /blueiris/, but no bueno. I wonder if that's where my trouble is?

That's what I wrote before. I played with "virtual host". I was not able to use location. Location didn't worked for me as well. Only as "root" with distinct port.

 

[bobfather]

Oh I see, I misunderstood then. I would think that maybe the virtual setting is bugged. Did you ever get in touch with the BI dev to ask about it? As I said above, I think it's definitely a BI problem because even mobile.htm is broken when using a virtual path.

 

[Jury]

Oh I see, I misunderstood then. I would think that maybe the virtual setting is bugged. Did you ever get in touch with the BI dev to ask about it? As I said above, I think it's definitely a BI problem because even mobile.htm is broken when using a virtual path.

I didn't contacted them, because before couple of days ui2 not worked for me normally at all. Now it's working and I will try once again. If this will not work, then will try to report a problem.

 

[bp2008]

Using a virtual directory with your reverse proxy is not currently a good idea. (e.g. http://localhost/blueiris/)

UI2 and possibly some of the official/included web interfaces are explicitly asking for data and images from the server root (e.g. http://localhost/"). So what happens is the browser asks for http://localhost/image/index and the reverse proxy rejects it because the requested item isn't in the /blueiris/ subdirectory.

I suppose I should fix that for you guys, but I have no ETA on a new release because I've been busy lately. If I release another UI2 without this fix, please remind me.

 

[Jury]

Nice to hear. Will wait for.

 

[Jury]

If I release another UI2 without this fix, please remind me.

Is it possible to add configuration for show/hide "Clips" area by default?