Access your old iDRAC java web applet through the power of nix time travelling
Go to file
Oystein Kristoffer Tveit 45fd9e59d5
Server alive
2022-11-07 15:49:46 +01:00
.gitignore Server alive 2022-11-07 15:49:46 +01:00
README.md Server alive 2022-11-07 15:49:46 +01:00
adjust-viewer.nix Server alive 2022-11-07 15:49:46 +01:00
flake.lock Server alive 2022-11-07 15:49:46 +01:00
flake.nix Server alive 2022-11-07 15:49:46 +01:00
viewer.jnlp Server alive 2022-11-07 15:49:46 +01:00

README.md

Save my Dell Poweredge r710

So my r710 is dead (some disks failed or whatever). But do you know what's even more dead? Java Web Applets. And idrac6 just so happens to use that in order to launch your shell...

Luckily, nixpkgs is a god damn time machine. It can let you travel all the way back to 2015 and use the old technology stack that allows you to speak to the idrac.

Steps

1. Log into idrac

idrac6 still uses TLS 1.0, which isn't really supported anymore. I also could not find the option to allow older TLS versions in chrome, so I had to use firefox to access the idrac webpage.

  • open about:config in the url bar
  • search for the setting named security.tls.version.min
  • set it to 1

2. Download the virtual console file

Once you are there, you can click the launch button on the left side inside the "Virtual Console Preview" pane, which should download some sort of viewer.jnlp file (might be named slightly differently).

You must replace that file with this repos viewer.jnlp, because it contains a new user/password setting that lets you connect properly.

3. Adjust settings in flake.nix

Go into flake.nix and scroll down to packages.${system}.adjustedViewer. Here, you will find some settings that will be overwritten in viewer.jnlp when running the program.

3.5 ssh into a machine that can access your idrac

The reason i even needed to use the idrac in the first place, was that i was physically not in the same location as the machine. Luckily, I had remembered to set up a separate raspberry pi with an ssh server, just in case something like this happened. That way, I could forward the ports I needed to access the idrac.

SSH into your machine with access to the idrac, and port forward both the https port and the kmport/vport.

ssh <pi-hostname> -p <pi-port> -L 8000:<idrac-hostname>:443 -L 5900:<idrac-hostname>:5900

4. nix run

Use the default app. This should firstly create a modified version of viewer.jnlp with your updated settings from step 3. Then it will spin up the old version of icedtea-web that lets you access your idrac.