Login (SSO enabled) is not working when Nginx is configured in front Discourse


When applying Nginx in front of Discourse (Nginx → AWS LB → Discourse container), login is not working at all. It just gets redirected to the Discourse homepage after entering the credentials.

Nginx is configured to redirect http to https. We have certificates in AWS Certificate Manager for our domain and subdomains.

Discourse SAML plugin is installed. We also use SSO via different application and its config is using https. force_https is enabled in site settings as well.

We can confirm that the SSO application is working but it seems that Discourse authentication stopped working after applying Nginx.

For our forums site (Discourse), Nginx is configured like this:

server {
    server_name [subdomain.domain.com];
    location / {
        resolver [insert.resolver.ip.here] valid=60s;
        if ($http_x_forwarded_proto != "https") {
           rewrite ^(.*)$ https://$server_name$1 permanent;
        proxy_pass [AWS-load-balancer-domain];
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Referer $http_referer;

This Nginx config is working for other subdomains of our main site.

This is the SSO verbose log and though the only error I see is about ActionController::RoutingError (No route matches [GET] "/.env")

verbose-sso-log.txt (6.3 KB)