search

Bubka / 2FAuth

A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
https://docs.2fauth.app/
GNU Affero General Public License v3.0
2.12k stars 142 forks source link

2fauth + NGINX reverse proxy = 502 error #308

Closed Draky50110 closed 7 months ago

Draky50110 commented 7 months ago

Version

5.0.3

Details & Steps to reproduce

I tried to link 2fauth container to SWAG (container with NGNINX reverse proxy).

Here is the proxy conf :

## Version 2023/05/31
# REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template.
# REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for <tags> and replace them. Review other sample files to see how things are done.
# REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings.
# make sure that your <container_name> container is named <container_name>
# make sure that your dns has a cname set for <container_name>

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name 2fauth.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 2fauth;
        set $upstream_port 8000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

}

With CNAME pointing to domain and proxy.

Expectation

To redirect to correct subdomain.

Error & Logs

No response

Execution environment

No response

Containerization

Additional information

Error 502

Draky50110 commented 7 months ago

Found the proble : forgot to join SWAG/NGINX own network...