bitwarden / self-host

Bitwarden's self-hosted release repository
GNU General Public License v3.0

[Self Hosted] [Unified Beta] Nginx Redirect Error #142

Open Entrepreneur-AJ opened 11 months ago

Entrepreneur-AJ commented 11 months ago

Setting up a fresh install, my instance, no matter how many `docker rm` and relaunches I do, seems to be trying to redirect to the internal port instead of the external SSL port.

Looks to be https://github.com/bitwarden/self-host/blame/master/docker-unified/hbs/nginx-config.hbs on line 7 that's causing the issue.

CLI tests (easier to show):

```
curl -I http://mybitwardendomain.tld
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Aug 2023 11:06:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mybitwardendomain.tld:8443/
```

```
curl -I https://mybitwardendomain.tld
curl: (7) Failed to connect to mybitwardendomain.tld port 8443 after 15 ms: Couldn't connect to server
```

```
curl -I https://mybitwardendomain.tld
HTTP/2 200
server: nginx
date: Sat, 12 Aug 2023 11:19:31 GMT
content-type: text/html
content-length: 1238
last-modified: Tue, 25 Jul 2023 20:03:38 GMT
vary: Accept-Encoding
etag: "64c02a9a-4d6"
strict-transport-security: max-age=15768000
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory; object-src 'self' blob:;
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
accept-ranges: bytes
```

settings.env:

```
#####################
# Required Settings #
#####################

# Server hostname
BW_DOMAIN=mybitwardendomain.tld

# Database
# Available providers are sqlserver, postgresql, mysql/mariadb, or sqlite
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=10.8.96.3
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=postgres-password

# Installation information
# Get your ID and key from https://bitwarden.com/host/
BW_INSTALLATION_ID=generated-install-id
BW_INSTALLATION_KEY=generated-install-key

#####################
# Optional Settings #
#####################

# Learn more here: https://bitwarden.com/help/environment-variables/

# Container user ID/group ID
PUID=1000
PGID=1000

# Webserver ports
BW_PORT_HTTP=8080
BW_PORT_HTTPS=8443

# SSL
BW_ENABLE_SSL=true
BW_ENABLE_SSL_CA=true
BW_SSL_CERT=letsencrypt/live/mybitwardendomain.tld/fullchain.pem
BW_SSL_KEY=letsencrypt/live/mybitwardendomain.tld/privkey.pem
BW_SSL_CA_CERT=ca.crt

# Services
# Some services, namely for enterprise use cases, are disabled by default. Defaults shown below.
BW_ENABLE_ADMIN=true
BW_ENABLE_API=true
BW_ENABLE_EVENTS=false
BW_ENABLE_ICONS=true
BW_ENABLE_IDENTITY=true
BW_ENABLE_NOTIFICATIONS=true
BW_ENABLE_SCIM=false
BW_ENABLE_SSO=false
BW_ICONS_PROXY_TO_CLOUD=false

# Mail
globalSettings__mail__replyToEmail=me@domain.com
globalSettings__mail__smtp__host=smtp.domain.com
globalSettings__mail__smtp__port=465
globalSettings__mail__smtp__ssl=true
globalSettings__mail__smtp__username=emailuser
globalSettings__mail__smtp__password='randomly generated password in marks due to symbols requirement'

# Yubikey
globalSettings__yubico__clientId=REPLACE
globalSettings__yubico__key=REPLACE

# Other
globalSettings__disableUserRegistration=false
globalSettings__hibpApiKey=REPLACE
adminSettings__admins=admin1@email.com,admin2@email.com
```
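
A deployment check for the symptom reported above, as an added example that is not part of the original issue or of the Bitwarden project's code: it parses a `curl -I` response and flags an HTTP-to-HTTPS redirect whose `Location` port differs from the port clients actually reach. The function names and the default published port of 443 are assumptions; the first sample is re-typed from the post's output and the second is constructed.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Re-typed from the `curl -I http://...` output in the post, trimmed to the relevant headers.
REPORTED = """\
HTTP/1.1 301 Moved Permanently
Server: nginx
Location: https://mybitwardendomain.tld:8443/
"""

# Constructed sample: a redirect that targets the published HTTPS port (443, implicit).
EXPECTED = """\
HTTP/1.1 301 Moved Permanently
Server: nginx
Location: https://mybitwardendomain.tld/
"""

def parse_head(raw):
    """Split a `curl -I` style response into (status, {lowercased header: value})."""
    lines = [ln.strip() for ln in raw.splitlines() if ln.strip()]
    status = int(lines[0].split()[1])  # works for "HTTP/1.1 301 ..." and "HTTP/2 200"
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def check_redirect(raw, host, external_https_port=443):
    """Return findings; an empty list means the redirect is reachable from outside."""
    status, headers = parse_head(raw)
    if status not in (301, 302, 307, 308):
        return [f"expected a redirect, got HTTP {status}"]
    target = urlsplit(headers.get("location", ""))
    findings = []
    if target.scheme != "https":
        findings.append(f"redirect scheme is {target.scheme or 'missing'}, not https")
    if target.hostname != host:
        findings.append(f"redirect host is {target.hostname}, expected {host}")
    port = target.port or DEFAULT_PORTS.get(target.scheme)
    if port != external_https_port:
        findings.append(f"Location port {port} differs from published port {external_https_port}")
    return findings

if __name__ == "__main__":
    for name, sample in (("reported", REPORTED), ("expected", EXPECTED)):
        print(name, check_redirect(sample, "mybitwardendomain.tld") or "ok")
```

Pass `external_https_port` explicitly when the container's HTTPS port is published on something other than 443.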