login issues with https reverse proxy #2037
Comments
|
which version of Mylar are you running (branch / commit) ? I know several users are using Mylar with nginx reverse proxy (a couple are actually the ones that helped iron out some other bugs with the proxy paths) - so we know it's working. I'm just not sure what the difference is between nginx and traefik when it comes to the reverse proxy (considering I have zero knowledge in reverse proxy stuff, so I can't really be of much help). Maybe someone who is successfully running Mylar behind a reverse proxy might be able to offer some more insight/help, as of right now all I can think of asking is what your web_root is set to in the config.ini |
|
icebal, how do you have your proxy setup and what's the webroot you've got in your mylar.ini? I'm one of the aforementioned users running with nginx, and yeah there were a few issues originally, but those are all ironed out and it's working like a champ now. |
|
No webroot as im proxing to a subdomain. Setup is Traefik passes Host
Header, and does proxying internally, so you dont have proxy and proxy pass
woes. Mylar is setup http at port 8090 inside a docker container, traefik
is on port 443, proxying https://mylar.domain.com to Http://dockerhost:8090/
…On Sat, Jul 28, 2018, 2:42 PM BRTPOB ***@***.***> wrote:
icebal, how do you have your proxy setup and what's the webroot you've got
in your mylar.ini? I'm one of the aforementioned users running with nginx,
and yeah there were a few issues originally, but those are all ironed out
and it's working like a champ now.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#2037 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA5xlVrQDlaiV63pg5azhTxj7C9FAs-8ks5uLL6SgaJpZM4Vi5A5>
.
|
|
Are you running any other Headphones-derivative (Headphones, SB/SG/SR, LazyLibrarian) in this manner? They all work basically the same. Anyway, if there's a problem forwarding the traffic internally it should show up in Traefik's error log... That said, all my HP-derivatives work in nginx with a few more headers, most notably the Forwarded_For header: |
|
I use mostly the sonarr derivitives, which work fine. ill try to add the extra headers, but usually when this happens its an issue with not using magic urls, and fully qualifying redirects |
|
Hello. I have a similar problem with Synology (I am using Mylar in a docker container, and works pretty great!). The Synology DSM Reverse proxy use ngnix but with an hardcoded template (see this page for enabling websocket on this reverse proxy). Hardcoding http to https redirection in here means enable it for every app. When enabling https in mylar, it expects to receive a https header and validate the connection with a certificate. In my case, DSM handles the SSL verification and strip out the https header to the server. We also do that at work with Traefik in front of our Kubernetes cluster. Is it possible to optionalize the connection verification? The "Enable HTTPS" would display a sub option, enabled by default: "verify connection". If set, this will use the provided certificated and key to validate the connection. If unset, connection would not be validated, but the url of the application should starts by https. |
|
Struggling to find an example of how this would be implemented with CherryPy. Have you seen it done anywhere that we could reference? |
while using traefik to do reverse proxying, mylar with form based login doesn't redirect to https (provided by the reverse proxy) but instead redirects the http (mylar setting). i also have noticed with the popup login it redirects to /index.html/home instead of /home, without the reverse proxy it redirects to /home like normal.
The text was updated successfully, but these errors were encountered: