Hi!
I have and issue of non appearing web elements and non loading pages of the new OH3 interface behind LetsEncrypt secured NGINX reverse proxy with no auth configured as it is all internal. The certificate is a wildcard cert for all of my internal domain servers. OpenHAB 3 running release version in docker container.
I tested the same pages in paralel but on direct access and it has no issues. It must be some NGINX config mistake. I have a lot other local istes proxied like this working without issues.
NGINX config is this:
server {
listen 80;
server_name oh3.xxxx.xx;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name oh3.xxx.xx;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/nginx/ssl/wildcard.cer;
ssl_certificate_key /etc/nginx/ssl/wildcard.key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
keepalive_timeout 70;
add_header Strict-Transport-Security "max-age=31536000";
add_header Set-Cookie X-OPENHAB-AUTH-HEADER=1;
location / {
proxy_pass http://192.168.1.241:8081;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Authorization "";
proxy_set_header Connection "Upgrade";
satisfy any;
allow 192.168.1.0/24;
allow 192.168.5.0/24;
allow 127.0.0.1;
deny all;
}
}
If I open Astro Moon first channel Configuration I’ve got this:
On direct connection I’ve got this as expected:
Strangely If I hit refresh both direct connection and proxied returns this:
Sorry
Requested content not found.
Debug information
* **Url:** /settings/things/astro:moon:local/channels/rise#start/edit
* **Path:** /settings/things/astro:moon:local/channels/rise
* **Hash:** start/edit
* **Params:**
* **Query:**
* **Route:** (.*)
In chrome console I have no clue what is missing no errors or 404. On direct connection I get @iolation of added non-passive event listener to a scroll-blocking “wheel” event. And the data for astro events in JSON apeears:
Update earliest to 00:00
app.js:7 {"offset":0,"earliest":"00:00"}
Update latest to 00:00
app.js:7 {"offset":0,"earliest":"00:00","latest":"00:00"}
Both enabled and disabled simple AUTH in REST setting makes no difference. In OH2 (which is still running with almost the same NGINX proxy settings on the same NGINX server) I have no issue.
Testing further:
If I empty cache and tmp folders and restart the container I cannot log in with proxy only with direct connection. In Chrome when I click admin login icon this message appears on console:
If I hit Ctrl+Shift+R in chrome I can logon with proxy access as well.
Any idea what went wrong?