RangerMauve / dat-gateway

Visit https://github.com/garbados/dat-gateway/ instead

Fix domain redirect when behind proxy #13

Closed brechtcs closed 6 years ago

brechtcs commented 6 years ago

I'm running a public gateway using --redirect from behind an Nginx reverse proxy, over at https://pamphlets.me. To make this setup work a fix is needed though, redirecting to urlParts.host instead of urlParts.hostname + port, because the port known to node is the wrong one when running behind a reverse proxy.

RangerMauve commented 6 years ago

Thank you for the PR! Do you have a copy of the Nginx config you're using to make this work?

Will this still work with custom ports?

brechtcs commented 6 years ago

Yeah, I checked it still works both on the default port 3000 and a custom port using the -p flag.

My Nginx config is nothing fancy:

server {
    listen 80;
    listen [::]:80;
    server_name pamphlets.me *.pamphlets.me;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name pamphlets.me *.pamphlets.me;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/pamphlets.me/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pamphlets.me/privkey.pem;

    location / {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:3000;
    }
}
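
The fix discussed in this PR, as an added example that is not dat-gateway's own code: the subdomain redirect built from the port Node listens on, next to the one built from the `Host` header that the Nginx config above forwards with `proxy_set_header Host $http_host`. The function names, the `baseDomain` check and the placeholder key are assumptions; the check is included because the forwarded `Host` value is supplied by the client.

```javascript
// Added example; names are hypothetical and the key is a constructed placeholder.
const KEY = 'examplekey'

// Behaviour before the fix, as the PR describes it: request hostname plus
// the port Node itself listens on (3000 when sitting behind the proxy).
function redirectOld (hostHeader, listenPort, key, path) {
  const hostname = new URL(`http://${hostHeader}`).hostname
  return `${key}.${hostname}:${listenPort}${path}`
}

// Accept the Host header only if it is a bare host[:port] under baseDomain.
// Returns the normalised host (port kept if present) or null.
function safeHost (hostHeader, baseDomain) {
  let u
  try {
    u = new URL(`http://${hostHeader}`)
  } catch (err) {
    return null // not parseable as an authority
  }
  // Anything beyond host[:port] (userinfo, path, query, fragment) is rejected.
  if (u.username || u.password || u.pathname !== '/' || u.search || u.hash) return null
  if (u.hostname !== baseDomain && !u.hostname.endsWith(`.${baseDomain}`)) return null
  return u.host
}

// Behaviour after the fix: reuse the host (with whatever port the client
// actually connected to), so the proxy's public port is preserved.
// The scheme is left out because the thread does not cover it.
function redirectNew (hostHeader, baseDomain, key, path) {
  const host = safeHost(hostHeader, baseDomain)
  return host === null ? null : `${key}.${host}${path}`
}

// Behind the proxy: the old form leaks the internal port 3000.
console.log(redirectOld('pamphlets.me', 3000, KEY, '/index.html'))
console.log(redirectNew('pamphlets.me', 'pamphlets.me', KEY, '/index.html'))
// Direct access on a custom port (-p 8080) still works.
console.log(redirectNew('localhost:8080', 'localhost', KEY, '/'))
// A Host outside the configured domain produces no redirect.
console.log(redirectNew('other.example', 'pamphlets.me', KEY, '/'))
```
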

brechtcs commented 6 years ago

Oops I see a second commit slipped into this PR. If needed I can remove it.

RangerMauve commented 6 years ago

Awesome! What are you using for the wildcard DNS entry for letsencrypt? I really want to set this up on gateway.mauve.moe, but I haven't had time to look into it in detail.

Is it just a docker container?

RangerMauve commented 6 years ago

By the way, I see you're building some sort of static-site hosting thing.

Would changing the homepage to a dat URL be relevant to you?

Sorry for stalling on the web_root thing! I've been really busy with dat-polyfill. Hopefully I'll get back on improving the gateway next week, and PRs are always welcome!

brechtcs commented 6 years ago

I had to get the latest certbot from their github repo, because the latest version in the Debian repositories doesn't support it yet. And then I used the manual DNS method for the acme challenge, because all the easier methods didn't work :)

RangerMauve commented 6 years ago

Would you mind linking me to whatever you followed for the manual DNS thing? I don't think my DNS host has an API for certbot to use.

brechtcs commented 6 years ago

Okay, I've rebased the second commit out of this branch. This included the part you commented on, which I was planning to do in a separate PR anyway.

The static site tools are just for my own use at this point, so no rush on the web_root issue ;)

RangerMauve commented 6 years ago

Awesome! Thank you for the PR. :D

Hopefully this project will get to a point where it can load any dat.

Would you mind if I referenced your gateway in the README so people could find it more easily?

brechtcs commented 6 years ago

For certbot, after cloning the repo, I used this command, based on info I found here and here:

sudo ./certbot-auto -d pamphlets.me,*.pamphlets.me --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns certonly

Feel free to add my instance to the README yes :)