I have scoured these forums but have not figured out how to get vnc console access in an custom web app that I'm working on. Most of the forum posts either have examples using some specific platform like php, nginx reverse proxies, ect...
I'm hoping that someone can help me with this with the end goal to document exactly what is required to get this to work and troubleshooting steps for when things don't work. I don't really want to focus on my setup as that is not the point of this post. Everyone's setup is likely going to be a little different. I'd like to start and ask for clarifying questions.
My first understanding is that a request to '/api2/json/nodes/{node}/qemu/{vmid}/vncproxy' is required. As many others have noted; this request works just fine and the response contains `user`, `port`, `upid`, `cert`, and `ticket`. From my understanding; the only two values I need from this is ticket and port that I will now refer to as vncproxy-ticket and vncproxy-port.
My second understanding is that a follow up wss request to '/api2/json/nodes/{node}/qemu/{vmid}/vncwebsocket?port={vncproxy-port}&vncticket={vncproxy-ticket}' is required.
Here are my questions:
Is an Proxmox API token sufficient as authentication for both vncproxy and vncwebsocket or is a PVEAuthCookie required?
If a PVEAuthCookie is required; is that obtained by the request to /api2/json/access/ticket?
If yes; is the ticket returned from that request "ticket: PVE......" the value that I need to set to PVEAuthCookie and does PVEAuthCookie need to be urlEncoded as well?
Am I wrong in thinking that `vncproxy-ticket` needs to be urlEncoded before adding it to the vncwebsocket request?
There has to be some sort of logs on the Proxmox nodes that would indicate why the request is failing. What logs should I be looking at? I have found /var/log/pveproxy/access but it doesn't give a clear answer of why it's not working. At best I see the request to vncwebsocket but the line just ends with "401 13" or "401 -". This isn't enough information to troubleshoot.
Thanks
I'm hoping that someone can help me with this with the end goal to document exactly what is required to get this to work and troubleshooting steps for when things don't work. I don't really want to focus on my setup as that is not the point of this post. Everyone's setup is likely going to be a little different. I'd like to start and ask for clarifying questions.
My first understanding is that a request to '/api2/json/nodes/{node}/qemu/{vmid}/vncproxy' is required. As many others have noted; this request works just fine and the response contains `user`, `port`, `upid`, `cert`, and `ticket`. From my understanding; the only two values I need from this is ticket and port that I will now refer to as vncproxy-ticket and vncproxy-port.
My second understanding is that a follow up wss request to '/api2/json/nodes/{node}/qemu/{vmid}/vncwebsocket?port={vncproxy-port}&vncticket={vncproxy-ticket}' is required.
Here are my questions:
Is an Proxmox API token sufficient as authentication for both vncproxy and vncwebsocket or is a PVEAuthCookie required?
If a PVEAuthCookie is required; is that obtained by the request to /api2/json/access/ticket?
If yes; is the ticket returned from that request "ticket: PVE......" the value that I need to set to PVEAuthCookie and does PVEAuthCookie need to be urlEncoded as well?
Am I wrong in thinking that `vncproxy-ticket` needs to be urlEncoded before adding it to the vncwebsocket request?
There has to be some sort of logs on the Proxmox nodes that would indicate why the request is failing. What logs should I be looking at? I have found /var/log/pveproxy/access but it doesn't give a clear answer of why it's not working. At best I see the request to vncwebsocket but the line just ends with "401 13" or "401 -". This isn't enough information to troubleshoot.
Thanks