Top Menu

Jump to content
Home
    Modules
      • Projects
      • Activity
      • Work packages
      • Gantt charts
      • Calendars
      • Team planners
      • Boards
      • News
    • Getting started
    • Introduction video
      Welcome to OpenProject Community
      Get a quick overview of project management and team collaboration with OpenProject. You can restart this video from the help menu.
    • Help and support
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Enterprise support
    • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation
  • Sign in
      Forgot your password?

      or sign in with your existing account

      Google

Side Menu

  • Overview
  • Activity
    Activity
  • Roadmap
  • Work packages
    Work packages
  • Gantt charts
    Gantt charts
  • Calendars
    Calendars
  • Team planners
    Team planners
  • Boards
    Boards
  • News
  • Forums
  • Feature tour
    Feature tour

Content

You are here:
  1. Forums
  2. General discussion

Reverse proxying with SSL using Nginx

Added by Sam Vervaeck 8 months ago

Hi,

I'm having troube installing my OpenProject instance on my server. I installed OpenProject in a virtual machine using the default settings. When I create an SSH tunnel and open the VM in a browser everything works fine. However, when opening the same website using reverse proxy things are not so fine.

  1. During login, I'm getting Unable to verify Cross-Site Request Forgery token. Did you try to submit data on multiple browsers or tabs? Please close all tabs and try again. It's impossibble to login due to this error.
  2. When I once magically happened to login, almost every link I open opens in a new tab. This seems very odd to me and doesn't look like the default behaviour.

Here's the current state of my Nginx config, which was originally taken from here:

upstream web {
    server 1.2.3.4;
}

server {

	server_name example.com;

    location / {
        proxy_pass_header  Server;
        proxy_set_header   Host $http_host;
        proxy_set_header   X-Real-IP $remote_addr;
        #proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   X-Scheme $scheme;
        proxy_redirect     off;
        proxy_pass         http://web/;
	}

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name example.com;
    return 404; # managed by Certbot


}

Some people recommended to set under Settings -> General the proto option to HTTPS. But there is no such an option in my installation.

What am I doing wrong?

Sam


Replies (4)

RE: Reverse proxying with SSL using Nginx - Added by Sam Vervaeck 8 months ago

Never mind, I found how to fix the login issue using this  article, under the section 'External SSL termination'.

RE: Reverse proxying with SSL using Nginx - Added by Sam Vervaeck 8 months ago

It might be worthwhile to update this article in the documentation with the missing directives from this article because that is how I (and possibly others) got stuck.

RE: Reverse proxying with SSL using Nginx - Added by Sam Vervaeck 8 months ago

Never mind I just found out  I can do it myself :)

RE: Reverse proxying with SSL using Nginx - Added by Alexander Stock 8 months ago

Thank you for adding your solution!

  • (1 - 4/4)
Loading...