OpenProject URLs

Added by Dirk Hildebrand about 6 years ago

Hi,

i installed openProject to a Ubuntu 18.04 LTS Server and made it available to the internet through a nginx reversproxy. My Problem now is, that some Links in OpenProject are set to the internal IP Adress and not to the Public URL, so that People from the outside cant open them., e.g. the Administrator can not open the Admin Page, because the URL of the link is http://internalip/admin instead of https://publicdomain.tld/admin or when you click on the OpenProject Logo in the Top center of the Page you are send to http://internalip instead of https://publicdomain.tld/

Where can i change that behavior?

Regards

Dirk

Replies (3)

RE: OpenProject URLs - Added by Dirk Hildebrand about 6 years ago

I guess i found it. In my Nginx settings was the

proxy_set_header Host $host;

missing. Now it seems to be fixed.

Regards

Dirk

RE: OpenProject URLs - Added by Oliver Günther about 6 years ago

Hi Dirk,

yes the proxy settings needs to forward the Host value if the system does not know it by itself. There are two places in OpenProject where this is relevant:

URLs generated from the current request (i.e. as a response to your browser's request). In this case, the HOST value from the request is being used to generate the URLs, which is why you need to set the proxy_set_header (or ProxyPreserveHost in Apache2). The same goes for HTTPS state forward if you terminate TLS/SSL on your nginx. You will then need to set the X-Forwarded-Proto https header to ensure the proxied server is notified about being in an TLS/SSL request to properly use https:// scheme.
URLs generated in background mails, such as notification mails, use our own Setting.protocol and Setting.host_name values that you can control in the Administration > System settings. In packaged installations, these values are being taken automatically from the values input in the configuration wizard.

I hope that clears up why both are needed.

Best,

Oliver

RE: OpenProject URLs - Added by Dirk Hildebrand about 6 years ago

Hey,

thank you for you reply. I guess i fixed it. This is my full nginx config:

server {

       listen       *:80;
       server_name project.domain.tld;

       if ($host =project.domain.tld) {
               return 301 https://$host$request_uri/;
       }
       return 404;
}

server {
       server_name project.domain.tld;
       error_log  /var/log/nginx/cloud-error.log;
       access_log /var/log/nginx/cloud-access.log;
       listen 443 ssl;
       ssl_certificate /etc/letsencrypt/live/project.domain.tld/fullchain.pem;
       ssl_certificate_key /etc/letsencrypt/live/project.domain.tld/privkey.pem;
       include /etc/letsencrypt/options-ssl-nginx.conf;
       ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
       ssl_verify_client off;

       # Set global proxy settings

       proxy_read_timeout      360;
       location /            {
                               proxy_pass_request_headers on;
                               proxy_set_header X-Forwarded-Host $host:$server_port;
                               proxy_set_header X-Forwarded-Server $host:$server_port;
                               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                               proxy_pass http://192.168.0.1;
                               proxy_set_header Host $host;}
}

Side Menu

Content