I’m a little confused on the extra data that has to be input into swag to make this work. the docker install docs mention what to put with nginx, but swag is different.
the docs state nginx data should be:
server {
listen 80;
server_name openproject.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name openproject.example.com;
ssl_certificate /etc/ssl/crt/server.crt;
ssl_certificate_key /etc/ssl/crt/server.key;
proxy_redirect off;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://127.0.0.1:8080;
}
}
To go along side this, the openproject container should have its apache data changed to:
ServerName openproject.example.com
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [R,L]
ServerName openproject.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/crt/server.crt
SSLCertificateKeyFile /etc/ssl/crt//server.key
RewriteEngine on
RewriteRule "^$" "/" [R,L]
ProxyRequests off
RequestHeader set X-Forwarded-Proto 'https'
ProxyPreserveHost On
ProxyPass http://127.0.0.1:8080/
ProxyPassReverse http://127.0.0.1:8080/
my current swag openproject.subdomain.conf:
## Version 2023/05/31
# REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template.
# REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for and replace them. Review other sample files to see how things are done.
# REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as D>
# make sure that your container is named
# make sure that your dns has a cname set for
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name openproject.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app 192.168.2.211;
set $upstream_port 80;
set $upstream_proto http>;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header X-Forwarded-Proto https;
}
}
Any help would be amazing!
You must log in or register to comment.