linuxserver / docker-grocy

A container for grocy - the ERP application for your kitchen https://grocy.info
GNU General Public License v3.0

Container will not operate using https. #3

Closed Phrenzy closed 5 years ago

Phrenzy commented 5 years ago

I'm running an image of this container on one VM and I have another VM running nginx as a reverse proxy. Nginx is configured to redirect to https using Let's Encrypt.

Grocy will operate normally if I connect directly to the VM running the container. If I connect via the reverse proxy, I get the text but the page looks like CSS is disabled. The address bar lock has a warning the connection is not secure. When I disable the security, that allows the framework to be applied and the site looks mostly normal. However, there are no images.


Thanks, team linuxserver.io

homerr commented 5 years ago

Could you pastebin your reverse proxy settings? Also, check here to make sure Grocy is configured appropriately for reverse proxy (otherwise it'll try and serve content over http and https and this leads to what you're describing)

Set BASE_URL in /config/data/config.php to the right URL and see if it works?

Phrenzy commented 5 years ago

https://pastebin.com/Mzdj2ZXm

grocy

docker run -d --restart unless-stopped -e PGID=1000 -e PUID=1000 -e TZ=TZ="America/Los_Angeles" --name=grocy -v /opt/grocy/config:/config -p 9283:80 linuxserver/grocy

Phrenzy commented 5 years ago

https://pastebin.com/WWzh3D3F

tobbenb commented 5 years ago

Probably not connected, but you got your TZ variable wrong. Remove one of the TZ=.

Phrenzy commented 5 years ago

> Remove one of the TZ=.

Sorry about that. That was a boo-boo in my notes I didn't fix. The container won't start like that.

tony4212 commented 5 years ago

This is still a problem when trying to use Apache to reverse proxy. The result is the website showing up in white with text. Under inspect elements in Google it shows mixed content warnings. When allowing Google to ignore mixed content issues by having the site to non https everything looks normal. However, when trying to log in as admin admin the website just stays at the login screen.
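
A mixed-content check for the symptom described in this thread, as an added example that is not part of the original discussion or the project's code: it lists `http://` subresources referenced by a page that was fetched over `https://`, which is what happens when the application behind a TLS-terminating proxy builds its URLs from an `http://` base. The hostname `grocy.example.test` and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Active subresources: browsers block these on an HTTPS page (unstyled page).
BLOCKABLE = {("script", "src"), ("iframe", "src"), ("link", "href")}
# Passive media: upgraded to HTTPS or blocked, depending on the browser.
PASSIVE = {("img", "src"), ("audio", "src"), ("video", "src")}


class MixedContentFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (kind, tag, absolute URL) in document order

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return  # only stylesheet links are checked here
        for attr in ("src", "href"):
            kind = ("blockable" if (tag, attr) in BLOCKABLE
                    else "passive" if (tag, attr) in PASSIVE else None)
            if kind and attrs.get(attr):
                url = urljoin(self.page_url, attrs[attr])  # resolves relative and // URLs
                if urlsplit(url).scheme == "http":
                    self.findings.append((kind, tag, url))


def find_mixed_content(page_url, html):
    """Return http:// subresources referenced by a page served over https://."""
    if urlsplit(page_url).scheme != "https":
        return []  # mixed content only exists on HTTPS pages
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings


# Constructed sample: markup as an app might emit it when its base URL is http://
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="http://grocy.example.test/css/app.css">
<script src="http://grocy.example.test/js/app.js"></script>
<link rel="stylesheet" href="/css/local.css">
</head><body>
<img src="http://grocy.example.test/img/logo.png">
<a href="http://grocy.example.test/about">About</a>
<script src="//cdn.example.test/lib.js"></script>
</body></html>"""

if __name__ == "__main__":
    for kind, tag, url in find_mixed_content("https://grocy.example.test/", SAMPLE_HTML):
        print(f"{kind:9} <{tag}> {url}")
```

An empty result for the page as served through the proxy means every subresource resolves to `https://`; plain links (`<a href>`) are navigation, not mixed content, and are not reported.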

j0nnymoe commented 5 years ago

No one within the team uses Apache to reverse proxy so we aren't able to help with that. We have a template for our letsencrypt container waiting to be PR'ed.

tony4212 commented 5 years ago

I figured it out for the most part. So far, here is what worked for me:

    ServerName example.site.com
    SSLCertificateFile /etc/letsencrypt/live/example.site.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.site.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    Header always set Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"
    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
    Header always set X-Xss-Protection "1; mode=block"
    Header always set X-Content-Type-Options "nosniff"
    SSLProtocol -All +TLSv1.2
    SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-$
    SSLHonorCipherOrder on
    SSLCompression off
    SSLSessionTickets off
    RequestHeader set X-Forwarded-Proto "https"
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://localhost:9283/
    ProxyPassReverse / http://localhost:9283/
    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*) http://localhost:9283/$1 [P,L]

CHBMB commented 5 years ago

Looks like @Phrenzy has sorted this out, closing.