Open jrvarma opened 5 days ago
@jrvarma did you try putting your real domain name in allowed_host1 variabel instead of *
?
Also do you have proxy_set_header Host $host;
in the nginx configuration ?
@daftaupe putting my real domain name in allowed_host1
variable did not help. And, yes, I have proxy_set_header Host $host;
in the nginx
configuration
SOLVED
Running with debug = true showed that the actual error was not in allowed hosts but in trusted origins.
Origin checking failed xxx does not match any trusted origins
This was because I am running the server on a non standard port. I edited the line in settings.py
to include a hardcoded port
CSRF_TRUSTED_ORIGINS = ... ["http://" + y + ":NNNN" for x, y in ...
And then it worked!
Might be a good idea to read port from the ini
file instead.
I am doing a new install of Etebase (planning to migrate my existing self hosted Etesync 1.0 data to Etebase). I set it up using the instructions in the Readme, Basic Setup and Production Setup. Reached up to the point where
nginx
is set up to serve the website on port 8000 and communicate withetebase
using web port 8001. Theadmin
page comes up correctly but when I enter the superuser credentials, I get the 403 errorCSRF verification failed. Request aborted.
I then disabled the
nginx
site by deleting/etc/nginx/sites-enabled/etebase_nginx.conf
and restartingnginx
. I then askeduvicorn
to serve the site directly on port 8000. When I do this, authentication goes through correctly, and I am presented with the site administration page. So the issue is with some interaction between theetebase_nginx.conf
configuration and theetebase.ini
configuration. I am not at all familiar with Django, but I understand thatCSRF verification failed
is related to allowed hosts, but I would think thatallowed_host1 = *
should cover everything. What else could be going wrong?Any pointers on how I can debug this?