Quando si esegue un reverse proxy NGINX davanti a Discourse, non è possibile accedere al sito. Dopo aver inviato le credenziali, si viene reindirizzati alla pagina iniziale senza che venga avviata una sessione. Non vengono visualizzati errori e dai log sembra che l’accesso sia andato a buon fine.
Creating scope :open. Overwriting existing method Poll.open.
Started GET "/" for 10.42.4.0 at 2021-10-05 14:24:41 +1300
Processing by ListController#latest as HTML
Rendered list/list.erb within layouts/application (Duration: 8.8ms | Allocations: 1141)
Rendered layout layouts/application.html.erb (Duration: 22.9ms | Allocations: 3194)
Completed 200 OK in 189ms (Views: 23.9ms | ActiveRecord: 0.0ms | Allocations: 21280)
Creating scope :open. Overwriting existing method Poll.open.
Started GET "/session/csrf" for 10.42.4.0 at 2021-10-05 14:24:52 +1300
Processing by SessionController#csrf as JSON
Completed 200 OK in 384ms (Views: 0.3ms | ActiveRecord: 0.0ms | Allocations: 5303)
Started POST "/session" for 10.42.4.0 at 2021-10-05 14:24:52 +1300
Processing by SessionController#create as */*
Parameters: {"login"=>"admin", "password"=>"[FILTERED]", "second_factor_method"=>"1", "timezone"=>"Pacific/Auckland"}
Completed 200 OK in 1043ms (Views: 0.3ms | ActiveRecord: 0.0ms | Allocations: 147364)
Started POST "/login" for 10.42.4.0 at 2021-10-05 14:24:54 +1300
Processing by StaticController#enter as HTML
Parameters: {"username"=>"admin", "password"=>"[FILTERED]", "redirect"=>"https://forum.test.financefeast.io/"}
Redirected to https://forum.test.financefeast.io/
Completed 302 Found in 3ms (ActiveRecord: 0.0ms | Allocations: 710)
Started GET "/" for 10.42.4.0 at 2021-10-05 14:24:54 +1300
Processing by ListController#latest as HTML
Rendered list/list.erb within layouts/application (Duration: 46.7ms | Allocations: 11808)
Rendered layout layouts/application.html.erb (Duration: 308.6ms | Allocations: 53646)
Completed 200 OK in 1123ms (Views: 311.1ms | ActiveRecord: 0.0ms | Allocations: 167190)
Ho testato senza il reverse proxy NGINX davanti a Discourse e l’accesso funziona correttamente. Esiste una configurazione specifica per NGINX per risolvere questo problema?
Questa è la configurazione di NGINX:
server {
listen 80;
server_tokens off;
server_name forum.test.financefeast.io;
location / {
return 301 https://$host$request_uri;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30m;
add_header Pragma public;
add_header Cache-Control "public";
}
}
server {
ssl_certificate /etc/nginx/certs/test.financefeast.io-bundle.crt;
ssl_certificate_key /etc/nginx/certs/test.financefeast.io.key;
listen 443 ssl;
server_name forum.test.financefeast.io;
location / {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_buffers 8 32k;
proxy_buffer_size 64k;
proxy_pass https://kube_lb;
}
}