Redirect after login


(Marvin Klar) #1

Hello everyone,

I just setup a Discourse server. It’s working perfectly so far, but everytime I want to access the website with hte url https://forum.my.domain/subfolder/ while I’m not logged in, I got redirected to the url https://forum.my.domain/login.

There is nothing configured for the website https:// forum.my.domain/login, so I get the error Not Found - The requested URL /login was not found on this server..

So I need to access the url https://forum.my.domain/subfolder/login manually everytime I want to use the forum page.

Is there a way to solve it?

Here is my nginx configuration:

upstream discoursesubfolder {
  server unix:/opt/subfolder/discourse/tmp/sockets/puma.socket;
}

server {
  access_log /var/log/nginx/access.log;

  listen 81;
  gzip on;
  gzip_vary on;
  gzip_min_length 1000;
  gzip_comp_level 5;
  gzip_types application/json text/css application/x-javascript application/javascript image/svg+xml;
  gzip_proxied any;

  server_name forum.maja.cloud;
  server_tokens off;

  sendfile on;

  keepalive_timeout 65;

  # maximum file upload size (keep up to date when changing the corresponding site setting)
  client_max_body_size 10m;

  # path to discourse's public directory
  set $public /opt/subfolder/discourse/public;

  # without weak etags we get zero benefit from etags on dynamically compressed content
  # further more etags are based on the file in nginx not sha of data
  # use dates, it solves the problem fine even cross server
  etag off;
  location /subfolder {
rewrite ^/subfolder/?(.*)$ /$1;
  }
  
  # prevent direct download of backups
  location ^~ /backups/ {
internal;
  }

  # bypass rails stack with a cheap 204 for favicon.ico requests
  location /favicon.ico {
return 204;
access_log off;
log_not_found off;
  }

  location / {
root $public;
add_header ETag "";

# auth_basic on;
# auth_basic_user_file /etc/nginx/htpasswd;

location ~* (assets|plugins|uploads)/.*\.(eot|ttf|woff|woff2|ico)$ {
  expires 1y;
  add_header Cache-Control public,immutable;
  add_header Access-Control-Allow-Origin *;
 }

location = /srv/status {
  access_log off;
  log_not_found off;
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Request-Start "t=${msec}";
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_pass http:// discoursesubfolder;
  rewrite ^/(.*)$ /subfolder/$1 break;
  break;
}

# some minimal caching here so we don't keep asking
# longer term we should increas probably to 1y
location ~ ^/javascripts/ {
  expires 1d;
  add_header Cache-Control public,immutable;
}

location ~ ^/assets/(?<asset_path>.+)$ {
  expires 1y;
  # asset pipeline enables this
  # brotli_static on;
  gzip_static on;
  add_header Cache-Control public,immutable;
  # HOOK in asset location (used for extensibility)
  # TODO I don't think this break is needed, it just breaks out of rewrite
  break;
}

location ~ ^/plugins/ {
  expires 1y;
  add_header Cache-Control public,immutable;
}

# cache emojis
location ~ /images/emoji/ {
  expires 1y;
  add_header Cache-Control public,immutable;
}

location ~ ^/uploads/ {

  # NOTE: it is really annoying that we can't just define headers
  # at the top level and inherit.
  #
  # proxy_set_header DOES NOT inherit, by design, we must repeat it,
  # otherwise headers are not set correctly
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Request-Start "t=${msec}";
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Sendfile-Type X-Accel-Redirect;
  proxy_set_header X-Accel-Mapping $public/=/downloads/;
  expires 1y;
  add_header Cache-Control public,immutable;

  ## optional upload anti-hotlinking rules
  #valid_referers none blocked mysite.com *.mysite.com;
  #if ($invalid_referer) { return 403; }

  # custom CSS
  location ~ /stylesheet-cache/ {
      try_files $uri =404;
  }
  # this allows us to bypass rails
  location ~* \.(gif|png|jpg|jpeg|bmp|tif|tiff|svg|ico|webp)$ {
      try_files $uri =404;
  }
  # thumbnails & optimized images
  location ~ /_?optimized/ {
      try_files $uri =404;
  }

  proxy_pass http:// discoursesubfolder;
  rewrite ^/(.*)$ /subfolder/$1 break;
  break;
}

location ~ ^/admin/backups/ {
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Request-Start "t=${msec}";
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Sendfile-Type X-Accel-Redirect;
  proxy_set_header X-Accel-Mapping $public/=/downloads/;
  proxy_pass http:// discoursesubfolder;
  rewrite ^/(.*)$ /subfolder/$1 break;
  break;
}

# This big block is needed so we can selectively enable
# acceleration for backups and avatars
# see note about repetition above
location ~ ^/(letter_avatar/|user_avatar|highlight-js|stylesheets|favicon/proxied|service-worker) {
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Request-Start "t=${msec}";
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

  # if Set-Cookie is in the response nothing gets cached
  # this is double bad cause we are not passing last modified in
  proxy_ignore_headers "Set-Cookie";
  proxy_hide_header "Set-Cookie";
  proxy_hide_header "X-Discourse-Username";
  proxy_hide_header "X-Runtime";

  # note x-accel-redirect can not be used with proxy_cache
  proxy_cache_key "$scheme,$host,$request_uri";
  proxy_cache_valid 200 301 302 7d;
  proxy_cache_valid any 1m;
  proxy_pass http:// discoursesubfolder;
  rewrite ^/(.*)$ /subfolder/$1 break;
  break;
}

location /letter_avatar_proxy/ {
  # Don't send any client headers to the avatars service
  proxy_method GET;
  proxy_pass_request_headers off;
  proxy_pass_request_body off;

  # Don't let cookies interrupt caching, and don't pass them to the
  # client
  proxy_ignore_headers "Set-Cookie";
  proxy_hide_header "Set-Cookie";
  proxy_hide_header "X-Discourse-Username";
  proxy_hide_header "X-Runtime";

  # shared in multisite
  proxy_cache_key $request_uri;
  proxy_cache_valid 200 7d;
  proxy_cache_valid 404 1m;
  proxy_set_header Connection "";

  proxy_pass https:// avatars.discourse.org/;
  break;
}

# we need buffering off for message bus
location /message-bus/ {
  proxy_set_header X-Request-Start "t=${msec}";
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_http_version 1.1;
  proxy_buffering off;
  proxy_pass http:// discoursesubfolder;
  rewrite ^/(.*)$ /subfolder/$1 break;
  break;
}

# this means every file in public is tried first
try_files $uri @discourse;
  }

  location /downloads/ {
internal;
alias $public/;
  }

  location @discourse {
add_header Referrer-Policy 'no-referrer-when-downgrade';
proxy_set_header Host $http_host;
proxy_set_header X-Request-Start "t=${msec}";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http:// discoursesubfolder;
rewrite ^/(.*)$ /subfolder/$1 break;
  }

}

The website is accessible through an apache2 reverse proxy. Here is the configuration:

    ServerName forum.my.domain
    ProxyPreserveHost On
    ProxyPass /subfolder http://theIpOfMyDiscourseServer:81/subfolder/
    ProxyPassReverse /subfolder http://theIpOfMyDiscourseServer:81/subfolder/

(Marvin Klar) #2

I just noticed, that the redirect is because of the reverse proxy. Without hte reverse proxy it works fine. But what do I have to configure at the proxy (or nginx?) to avoid this behavior?


(Marvin Klar) #3

Does nobody have a solution for this?


(Bhanu Sharma) #4

Search this forum for “subdirectory install” You may find some help about how to set up a sub directory properly.


(Marvin Klar) #5

Thank you very much for your reply. I already found this article: Run Discourse in a Subdirectory

But the problem is, that the apache2 reverse proxy has this weired redirect. Do you know how to solve this?


(Bhanu Sharma) #6

Easiest solution: Don’t use apache2! use nginx :wink:


(Marvin Klar) #7

Do you know how to configure an nginx reverse proxy for discourse?


(Bhanu Sharma) #8

Follow this guide (with proper care ofcourse) You may also have to make some changes as this guide is more oriented towards a subdomain rather than a subdirectory. again, help is available in many topics on this forum.