search

ItzCrazyKns / Perplexica

Perplexica is an AI-powered search engine. It is an Open source alternative to Perplexity AI
MIT License
10.97k stars 972 forks source link

Cannot access behind reverse proxy #241

Closed overcuriousity closed 5 days ago

overcuriousity commented 5 days ago

Describe the bug I am unable to access the perplexica behind a nginx reverse proxy. The frontend loads, but not the backend (infinite loading). The browser produces the errors:

Blocked loading mixed active content “http://192.168.178.103:3001/api/models” 
Uncaught (in promise) TypeError: NetworkError when attempting to fetch resource.
    NextJS 11
453-17320b85d95d59ad.js:1:28084
    ed NextJS
    AsyncFunctionThrow self-hosted:857
    NextJS 30

which is only the case if I access it via the domain name (which is locally resolved on my network) - if I access it via the IP directly, it works.

I tried to troubleshoot, it seems to have to do with CORS preventing mixed access to the endpoints. Tried both the docker version as well as the nodeJS solution.

overcuriousity commented 5 days ago

Update: I fixed it. In the env variables, configure

NEXT_PUBLIC_API_URL=https://<your_domain>
NEXT_PUBLIC_WS_URL=wss://<your_domain>/ws

and in the local nginx configuration, configure

server {
    listen 80;
    server_name <your_local_server_ip>;

    location / {
        proxy_pass http://<your_local_server_ip>:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location /api {
        proxy_pass http://<your_local_server_ip>:3001/api;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location /ws {
        proxy_pass http://<your_local_server_ip>:3001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

However, this could be made clear in the Documentation or streamlined in the application. Configuring it was a pain.

Note that this works for my network, where a network-wide reverse proxy handles all SSL/TLS at the single point of entry. The nginx config was also configured with the additional custom locations /ws and /api.

overcuriousity commented 5 days ago

reopened the issue in the hope the maintainer sees it. Keep up the great work of this exceptional project!

ItzCrazyKns commented 5 days ago

Hi, you only had to serve the backend of HTTPS. Yes, we can add it in the documentation but we cannot provide support for that (if someone faces an issue while doing so, they need to handle it themselves as if we start watching all these domain/networking errors then the real problems will be ignored). If you'd like, you can make a pull request to add this point in the networking docs.

overcuriousity commented 5 days ago

Thats a good idea, I will do that.