LXD Demo Server over HTTPS

Hello all,

I am quite new to LXD and have been trying to set it up for the past couple of days.

Installing and running the demo server is a piece of cake, however I have no idea how to make it run over HTTPS; I have tried editing the configuration file, changing the port but nothing seems to do the trick.

I would be grateful if anyone points me in the right direction.
Thank you!

Hi!

There is a relevant issue on this at

Apparently, the LXD Demo server can handle only http, not https.
As mentioned in the issue though, you can use a front-end server to add https support.
You can use, for example, nginx as a reverse proxy and TLS termination proxy, and that’s it.

See more about using nginx as a reverse proxy and TLS termination proxy at

Hi simos,

Thank you for the swift reply.
I am currently running a server with an active TLS certificate provided by Cloudflare.

I am struggling to make the Demo Server use the TLS certificate - sorry if this is a stupid question but I am pretty unsure of how this is done.

Thank you for your time!

In that case, you would expose the http port of the LXD demo server to the Internet, and setup iptables rules so that this port is only accessible by the Cloudflare server. The iptables is not strictly required, however I suggest to do it anyway.

According to https://www.cloudflare.com/ssl/ the above paragraph describes the Flexible SSL solution. You can also try the Full SSL solution, which is what I describe in my first answer. In Full SSL, you would setup an additional hostname, like lxd-demo-server-internal.example.com, get a Let’s Encrypt certificate, and point Cloudflare to connect to this hostname.

Thank you for the clarification.

I am on it, will post and update once I get it working.

Thank you again!

Hi simos,

I have gotten some familiarity with lxd and lxc during these 2 days.
I am also able to confirm that my browser has access to lxd over https since I am getting a successful sync operation:

I went through the REST API documentation and the Directly interacting with the LXD API article from stgraber however I still have no idea how to actually recreate the functionality of the demo server.
This functionality being accessing www.example.com:8443 and from there lxd automatically creating a lxc and displaying a shell session into the browser.

Could you give me any tips or point me to what I should read / learn in order to be able to do this?

Thank you for your patience!

Regards,
Dimitar

Port 8443 is for the REST API and not the port for your users to visit with the browser.
When you run the LXD demo server binary, it opens up port 8080, and this is the port for your users.
To run the binary of the LXD demo server, you need to setup first the environment and also create a proper lxd-demo.yaml configuration file. About the environment configuration, see https://ubuntu.com/blog/run-your-own-lxd-demo-server You need an existing LXD setup to be there, and be configured according the configuration file.

When you get something similar to the following, then it means that the LXD demo server is configured properly, and you can perform the next steps in setting up https.