Android App Notification: Could not connect / Bad Request

[bcurran3]

Have you read the documentation?

• [ ] Yes, but it does not include related information regarding my question.
• [ ] Yes, but the steps described in the documentation do not work on my machine.
• [X] Yes, but I am having difficulty understanding it and wants clarification.

You are setting up gotify in

• [ X] Docker
• [ ] Linux native platform
• [ ] Windows native platform

Describe your problem Android app notification gives error:

Could not connect Bad Request

This is related to https://github.com/gotify/server/issues/462 but my config is different. I'm running Traefik using LetsEncrypt in front of the gotify container, not the built-in nginx reverse proxy.

I've read https://gotify.net/docs/config and am confident the answer lies there in the environmental variables, I'm just not sure how they apply to my setup; i.e. GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED is true in my situation but not done via nginx in the gotify container. Which variables are applicable with a reverse proxy outside the container? I've only gone so far as setting GOTIFY_SERVER_SSL_REDIRECTTOHTTPS=true and GOTIFY_SERVER_SSL_LETSENCRYPT_HOSTS=[mydomain.tld] but that didn't solve the problem.

GOTIFY_SERVER_SSL_ENABLED=false
GOTIFY_SERVER_SSL_REDIRECTTOHTTPS=true
GOTIFY_SERVER_SSL_LISTENADDR=
GOTIFY_SERVER_SSL_PORT=443
GOTIFY_SERVER_SSL_CERTFILE=
GOTIFY_SERVER_SSL_CERTKEY=
GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED=false
GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS=false
GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE=certs
# GOTIFY_SERVER_SSL_LETSENCRYPT_HOSTS=[mydomain.tld, myotherdomain.tld]

Love the full suite of apps, thank you for them.

Any help would be appreciated.

[jmattheis]

Does the webapp work? Add your gotify/server log. Add your nginx config. Add the gotify/android log.

[bcurran3]

Webapp works fine. Android app works fine, except the notification. Android app notification shows "Connected" when on LAN. Error shows on WAN only. Nginx config is default from the container gotify/server:latest Server is v2.4.0. App is v2.7.1

This is the server log from after rebooting my phone and connecting via WAN:

2024-04-28T01:33:12-07:00 | 200 |     177.749µs | 0.0.0.0 | GET      "/"
WebSocket: ReadError read tcp 172.17.0.26:80->172.17.0.1:44658: i/o timeout
2024-04-28T01:34:12-07:00 | 200 |     128.024µs | 0.0.0.0 | GET      "/"
2024-04-28T01:35:12-07:00 | 200 |     554.686µs | 0.0.0.0 | GET      "/"
2024-04-28T01:36:12-07:00 | 200 |     163.781µs | 0.0.0.0 | GET      "/"
2024-04-28T01:36:14-07:00 | 200 |     556.768µs | 0.0.0.0 | GET      "/current/user"
2024-04-28T01:36:15-07:00 | 200 |     549.158µs | 0.0.0.0 | GET      "/application"
2024-04-28T01:36:15-07:00 | 200 |     565.204µs | 0.0.0.0 | GET      "/message?limit=1&since=0"
2024-04-28T01:36:15-07:00 | 200 |     470.738µs | 0.0.0.0 | GET      "/application"
2024-04-28T01:36:15-07:00 | 400 |     395.414µs | 0.0.0.0 | GET      "/stream?token=[masked]"
Error #01: websocket: the client is not using the websocket protocol: 'upgrade' token not found in 'Connection' header
2024-04-28T01:36:15-07:00 | 200 |      13.759µs | 0.0.0.0 | GET      "/version"
2024-04-28T01:36:15-07:00 | 400 |     121.932µs | 0.0.0.0 | GET      "/stream?token=[masked]"
Error #01: websocket: the client is not using the websocket protocol: 'upgrade' token not found in 'Connection' header
2024-04-28T01:36:15-07:00 | 200 |     402.336µs | 0.0.0.0 | GET      "/message?limit=1&since=0"
2024-04-28T01:36:16-07:00 | 200 |     970.597µs | 0.0.0.0 | GET      "/application"
2024-04-28T01:36:16-07:00 | 200 |    3.965202ms | 0.0.0.0 | GET      "/message?limit=100&since=0"
2024-04-28T01:36:17-07:00 | 200 |      94.579µs | 0.0.0.0 | GET      "/static/defaultapp.png"

Need to set GOTIFY_SERVER_RESPONSEHEADERS={X-Custom-Header: "custom value", x-other: value} ??????

I'm having some trouble with getting the app logs. First they were April 8 through 9 only. I deleted and rebooted. Log started filling with current reconnection info, but when I try to copy the app freezes with Android popping up a close/wait choice. I managed to get a screenshot:

Details


[jmattheis]

Nginx config is default from the container gotify/server:latest

There is no nginx config in the gotify container. The logs indicate a misconfigured reverse proxy. If you are using nginx, you need to configured the settings listed in https://gotify.net/docs/nginx

[bcurran3]

I'm not (knowingly) using nginx. As mentioned I've got a Traefik container running the reverse proxy.

Do I need to modify my Traefik config pointing to the Gotify container or create a nginx config in the Gotify container?

[jmattheis]

Sorry misread about nginx. Show your full treafik config. Do you have anything else between the reverse proxy and your phone? Cloudflare tunnel or similar?

[bcurran3]

No Cloudflare tunnel, just Traefik. I do use Cloudflare DNS. I just checked it and gotify is going through a proxy wildcard record to the domain. I'm going to create a non-proxied CNAME for it and see if it makes a difference. Doing now, will check and report back later.

I'm going to guess the labels for Traefik in the container are of more interest:

    labels:
      traefik.enable: "{{ gotify_available_externally | string }}"
      traefik.http.routers.gotify.rule: "Host(`{{ gotify_hostname }}.{{ domain_name }}`)"
      traefik.http.routers.gotify.tls.certresolver: "letsencrypt"
      traefik.http.routers.gotify.tls.domains[0].main: "{{ domain_name }}"
      traefik.http.routers.gotify.tls.domains[0].sans: "*.{{ domain_name }}"
      traefik.http.routers.frontend.middlewares: "{{ gotify_hostname }}"
      traefik.http.routers.gotify.middlewares: "{{ gotify_hostname }}@docker"
      traefik.http.middlewares.gotify.ipwhitelist.sourcerange: "{{ gotify_traefik_whitelist }}"
      traefik.http.services.gotify.loadbalancer.server.port: "80"

[bcurran3]

Happy to report that turning off Cloudflare proxying solved the problem!

Any additions to the documentation on this and how to make it work via CF proxy would be welcome.