docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon koel

Blank Page if connecting using reverse proxy

Open ebiscaia opened this issue 2 years ago • 4 comments

Hi guys,

I am not being to connect behind a nginx reverse proxy.

Here is my config:

server {

         listen 80;
         server_name koel.eddienetworks.ddnsfree.com *.koel.eddienetworks.ddnsfree.com;
         return 301 https://$host$request_uri;

}

server {

        server_name koel.eddienetworks.ddnsfree.com *.koel.eddienetworks.ddnsfree.com;


        location / {
                proxy_pass http://192.168.1.243;
                proxy_set_header Host $host;
       }

       listen [::]:443 ssl; # managed by Certbot
       listen 443 ssl; # managed by Certbot
       ssl_certificate /etc/letsencrypt/live/eddienetworks.ddnsfree.com/fullchain.pem; # managed by Certbot
       ssl_certificate_key /etc/letsencrypt/live/eddienetworks.ddnsfree.com/privkey.pem; # managed by Certbot
       include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
       ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
       add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
}

Here is the message from the proxy: [25/Feb/2022:11:33:06 +1100] "GET / HTTP/1.1" 200 609 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1" "-"

And from koel: 192.168.1.249 - - [25/Feb/2022:00:33:10 +0000] "GET / HTTP/1.0" 200 922 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1"

Note: I know it is pointless using an iPhone to play songs, but I used it just for the sake of testing the connection. The issue is the same on my computer.

Thanks

ebiscaia avatar Feb 25 '22 00:02 ebiscaia

proxy_pass http://192.168.1.243;

@ebiscaia It seems you missed the port here, should be something like this: proxy_pass http://192.168.1.243:port_your_koel_uses;

INNKCake avatar Mar 11 '22 08:03 INNKCake

Had same issue with Caddy. Got it working by setting FORCE_HTTPS = true in environment variables.

yashaskm11 avatar Mar 12 '23 02:03 yashaskm11

I'm not sure what to do, or if there's any special configuration required with caddy, but I'm getting the same issue where the logs just spit out my browser whenever I load the page.

my caddyfile just has this:

{
    reverse_proxy localhost:81
}

The docker logs also show this error, if relevant. Even with ServerName set in the apache.conf file.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.19.0.3. Set the 'ServerName' directive globally to suppress this message

viasux avatar Mar 18 '23 20:03 viasux

Alright, so it appears that the blank page, is referencing other content. All of this content is served under http, instead of https, thus making the browser not trust it and throw this error for every instance of this happening:

Mixed Content: The page at 'https://url/' was loaded over HTTPS, but requested an insecure stylesheet 'http://url/build/assets/Btn.3e44deb8.css'. This request has been blocked; the content must be served over HTTPS.

I talked to someone in an unofficial caddy community, and they said "It's not a problem at the caddy level. The site needs to know it's behind a proxy and edit it's internal URL references accordingly."

Unfortunately, there appears to be absolutely no documentation on this, which is troubling since you need to reverse proxy koel if you don't want it to be served over http. It's unclear if there even is a way to tell koel it's behind a proxy.

viasux avatar Mar 18 '23 20:03 viasux