How to get Unifi controller working behind Teleport

Putting applications behind Teleport gives you a secure way of reaching them: the connection is served over HTTPS and sits behind the Teleport login, including its OTP second factor.

Assuming your Teleport URL is as follows:

ssh.yourdomain.com

And your Unifi controller has the following URL:

unifi.ssh.yourdomain.com

With that setup you will get a 403 error when logging in to the Unifi controller. To fix it, use the following app config in your /etc/teleport.yml:

app_service:
  enabled: "yes"
  debug_app: false
  apps:
  - name: unifi
    uri: https://localhost:8443          # where the controller listens locally
    public_addr: ""                       # left empty; defaults to unifi.ssh.yourdomain.com
    insecure_skip_verify: true            # skips TLS verification of the controller's own certificate
    rewrite:
      headers:                            # headers Teleport sets on requests to the controller
      - "Origin: https://unifi.ssh.yourdomain.com"
      - "Host: unifi.ssh.yourdomain.com"

The lines that matter are the Origin and Host rewrites. Restart teleport after changing the config and the 403 error will be a thing of the past.
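To see why those two rewrites matter, here is an added example (not from the original post or from Teleport) that models the proxied request: it assumes the controller rejects a login whose Origin host differs from its Host header, and that without a rewrite Teleport forwards Host as the backend's own host from `uri`. The rewrite rules are parsed in the same "Name: value" form used in the config above.

```python
# Added example: models the Origin/Host mismatch behind the 403 and shows
# how Teleport's header rewrite resolves it. The controller's real check is
# assumed to be a same-origin comparison; the page does not describe it.
from urllib.parse import urlparse

PUBLIC_ADDR = "unifi.ssh.yourdomain.com"  # the app's public hostname
BACKEND_URI = "https://localhost:8443"    # uri: from the app config

# The rewrite rules from /etc/teleport.yml, in Teleport's "Name: value" form.
REWRITE_HEADERS = [
    f"Origin: https://{PUBLIC_ADDR}",
    f"Host: {PUBLIC_ADDR}",
]

# What the browser sends to the Teleport proxy (constructed sample).
BROWSER_HEADERS = {"Origin": f"https://{PUBLIC_ADDR}", "Host": PUBLIC_ADDR}


def proxied_headers(browser_headers: dict, rewrite: list) -> dict:
    """Headers the controller sees after the proxy hop.
    Assumption: with no rewrite, Host becomes the backend host from `uri`
    and the browser's Origin is forwarded unchanged."""
    out = dict(browser_headers)
    out["Host"] = urlparse(BACKEND_URI).netloc
    for rule in rewrite:
        # Split only on the first ':' so "Origin: https://..." keeps its URL.
        name, _, value = rule.partition(":")
        out[name.strip()] = value.strip()
    return out


def origin_check(headers: dict) -> int:
    """Simplified same-origin check (assumed): the login is refused with 403
    when the Origin host does not match the Host header."""
    origin_host = urlparse(headers.get("Origin", "")).netloc
    return 200 if origin_host and origin_host == headers.get("Host") else 403


def login_status(rewrite: list) -> int:
    """HTTP status the login gets for a given set of rewrite rules."""
    return origin_check(proxied_headers(BROWSER_HEADERS, rewrite))


if __name__ == "__main__":
    print("no rewrite:  ", login_status([]))               # 403
    print("with rewrite:", login_status(REWRITE_HEADERS))  # 200
```

The example deliberately leaves out `insecure_skip_verify: true`; that setting only affects certificate verification between Teleport and the controller on localhost:8443 and has no bearing on the Origin/Host check.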