linuxserver
[BUG] I used nginx to redirect to HTTPS, However, it's keep reloading.
Is there an existing issue for this?
- [ ] I have searched the existing issues
Current Behavior
I am using docker duplicati:lastest version. and Use nginx to redirect it to HTTPS
But something is not working. May I confirm that how can I change http to https?
Thank you very much.
Expected Behavior
No response
Steps To Reproduce
Nginx config location ~ ^/duplicati(/.*)$ { proxy_read_timeout 300; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_pass http://127.0.0.1:8200/$1$is_args$args; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_redirect http://127.0.0.1:8200/ /duplicati/; proxy_cookie_path / /duplicati/; if ($scheme = https) { set $xforwardedssl "on"; } proxy_set_header X-Forwarded-Ssl $xforwardedssl;
Environment
Ubuntu 24.04 LTS
ARM 64 - Raspberry PI5
CPU architecture
arm64
Docker creation
---
services:
duplicati:
image: lscr.io/linuxserver/duplicati:latest
container_name: duplicati
env_file:N
- stack.env
volumes:
- /opt/duplicati/config:/config
- /opt/duplicati/backups:/backups
- /opt/duplicati/source:/source
ports:
- 8200:8200
restart: unless-stopped
Container logs
GET /notifications?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXAiOiJBY2Nlc3NUb2tlbiIsInNpZCI6IndlYnNlcnZlciIsImZhbSI6IjVCQTk3MUZDNzczQjJE
Q0EiLCJuYmYiOjE3MzU2MDA5MjYsImV4cCI6MTczNTYwMTgyNiwiaXNzIjoiaHR0cHM6Ly9kdXBsaWNhdGkiLCJhdWQiOiJodHRwczovL2R1cGxpY2F0aSJ9.p5SafxYbId-cw-pd3m1Y6ZiJ5LxcqBXjo7QoMtPTEek HTTP/1.1" 404 555 "-" "M
ozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-"
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
What should I do? Thanks
Can you access it normally via ip:port?
Yes. The http is working. I can use it and backup to Cloud. However, I tried to use Nginx to change it to HTTPS. It will keep reload the connection.
Looks like your issue is trying to do subfolder reverse proxy.
And I have any problem. When I login from https. it will redirect to /login.html. not /duplicati/login.html.
So That's why the my nginx config is so odd.
I can point you to our reverse proxy config we ship with swag: https://github.com/linuxserver/reverse-proxy-confs/blob/master/duplicati.subfolder.conf.sample but other than that, it's outside our support.
I am not sure about wher is the files for include /config/nginx/proxy.conf; include /config/nginx/resolver.conf;
Their related to our reverse proxy, you can find the proxy.conf in our swag GitHub repo.
/config/nginx/proxy.conf
Thanks for your help. I have one more question. Is it possible to enable https from Duplicati? if yes. I can just enable it and no need to redirect via Nignx.
Hello,
see https://github.com/linuxserver/docker-duplicati/issues/89#issuecomment-2571682798
If it's like me, you should try to add these 2 WebSocket headers to your reverse proxy.
Upgrade:$http_upgradeConnection:$connection_upgrade
Is it possible to enable https from Duplicati? if yes. I can just enable it and no need to redirect via Nignx.
Yes, as described in the documentation, but there is no automatic LetsEncrypt, so you probably want to use Nginx.
Looks like your issue is trying to do subfolder reverse proxy.
There is a problem in 2.1.0.2 where it tries to use a websocket on /api/v1/notifications regardless of the subfolder in the proxy. It has been fixed in source, and will be available "soon". It does not depend on HTTPS though 🤔
你好
參見 #89 (評論)
如果和我一樣,你應該嘗試將這 2 個 WebSocket 標頭添加到你的反向代理中。
Upgrade:$http_upgradeConnection:$connection_upgrade
it is
Hello,
see #89 (comment)
If it's like me, you should try to add these 2 WebSocket headers to your reverse proxy.
Upgrade:$http_upgradeConnection:$connection_upgrade
Thanks for your sharing. But it is not work for me.
Is it possible to enable https from Duplicati? if yes. I can just enable it and no need to redirect via Nignx.
Yes, as described in the documentation, but there is no automatic LetsEncrypt, so you probably want to use Nginx.
Looks like your issue is trying to do subfolder reverse proxy.
There is a problem in 2.1.0.2 where it tries to use a websocket on
/api/v1/notificationsregardless of the subfolder in the proxy. It has been fixed in source, and will be available "soon". It does not depend on HTTPS though 🤔
Let me wait for the update. Thanks for your update :)
I also had the issue with constant reload of the webinterface behind nginx reverse proxy. I managed to resolve this with this config: Add this to nginx.conf, see: https://futurestud.io/tutorials/nginx-how-to-fix-unknown-connection_upgrade-variable
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
And also add the 2 websocket headers as mentioned earlier in your siteconfig:
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;
Thanks for your update. However, it still does not work. it still showing net::ERR_ABORTED 404 (Not Found)
Maybe you problem is this:
proxy_redirect http://127.0.0.1:8200/ /duplicati/;
can you change that into:
proxy_redirect http://127.0.0.1:8200/;
7
you mean proxy_redirect / http://127.0.0.1:8200/; ?
I tried, but it is the same.
Maybe just remove the whole redirect option.
It is showing 404.
My currently nginx config map $http_upgrade $connection_upgrade { default upgrade; '' close; }
#This is server 443 location ~ ^/duplicati(/.*)$ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_pass http://127.0.0.1:8200/$1$is_args$args; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; }
I had this issues on two servers with different nginx setups.
One was easily solved by adding:
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
While the other one (a more complicated nginx setup) has not been solved yet. Will update when solved.
This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
