Relative links in Heimdall; making it play nicely with linuxserver/letsencrypt

[HarvsG]

If you are new to Docker or this application our issue tracker is ONLY used for reporting bugs or requesting features. Please use our discord server for general support.

---

Expected Behavior

In an ideal world, irrespective of whether I navigate to heimdall locally (192.168.x.x), local hostname (heimdall.lan) or over the net (heimdall.home.example.com) the links in heimdall would take me to where I want to go.

Current Behavior

Heimdall allows you to provide a link address and then creates a simple hyperlink

Steps to Reproduce

1. Install linuxserver's nginx with Let's Encrypt and register plenty of subdomains for your local services
2. Configure the nginx reverse proxy to have password auth

3. Start pointing subdomains at your services in nginx

   server {
      listen 443 ssl http2;
      listen [::]:443 ssl http2;
   
      server_name omv.*;
   
      include /config/nginx/ssl.conf;
   
      client_max_body_size 0;
   
      location / {
              auth_basic "Restricted";
              auth_basic_user_file /config/nginx/.htpasswd;
              include /config/nginx/proxy.conf;
              proxy_pass http://192.168.X.X:8080;
      }
   }

4. Configure Dynamic DNS to point *.home.example.com to your home address
5. Set up linuxserver/docker-heimdall and add links to each of your services. Unfortunately, if browsing from outside the nextwork they will need to be in the format omv.home.example.com but if local they will need to be in the format 192.168.X.X:8080 or hostname.lan:8080.

Thus you can't have your cake and eat it too.

It would be great if linuxserver/letsencrypt and linuxserver/heimdall would play nicely together. That way not only would heimdall be a way to organise your local services, but it would also be a way to make them remotely accessible without a VPN!

Environment

OS:OMV5
CPU architecture: x86_64/arm32/arm64
How docker service was installed: Via OMV

[Sebb767]

For other people who stumble upon this issue, you need to do two things:

• Add the proxy_set_header X-Forwarded-Proto https; header in the location block
• Edit the <config-path>/www/.env file and set APP_URL to the the correct domain

Note that in this case I use the http port for the internal forwarding; if you use https you can probably skip the first step.

[nomandera]

You have touched on a couple of things here but the most pertinent of which is probably NAT reflection and spilt horizon DNS.

See my relevant PR words here for a diff container.

https://github.com/linuxserver/docker-wireguard/pull/22/files

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.