search

linuxserver / docker-snipe-it

Alpine/Nginx container for the Asset Management software Snipe-IT
GNU General Public License v3.0
123 stars 26 forks source link

Feature Request: HTTP redirect #22

Closed ryanmerolle closed 2 years ago

ryanmerolle commented 3 years ago

linuxserver.io

Desired Behavior

Environment variable for if https is enabled, then setup http to redirect.

Current Behavior

With key/cert in place & both HTTP/HTTPS ports set with docker, both services respond. HTTP does not redirect to HTTPS

Alternatives Considered

github-actions[bot] commented 3 years ago

Thanks for opening your first issue here! Be sure to follow the bug or feature issue templates!

github-actions[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

ryanmerolle commented 3 years ago

Is there anything I can provide to help here?

github-actions[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

ryanmerolle commented 2 years ago

Well I found https://snipe-it.readme.io/docs/configuration#optional-set-your-htaccess-to-redirect-to-ssl

IE you need to mount /var/www/html/public/.htaccess with the following config:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    # Uncomment these two lines to force SSL redirect in Apache
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Security Headers
    # Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
    # Header set X-XSS-Protection "1; mode=block"
    # Header set X-Content-Type-Options nosniff
    # Header set X-Permitted-Cross-Domain-Policies "master-only"

</IfModule>
Options -Indexes

Interestingly enough I still cannot get http to redirect to https. I will update here as I troubleshoot.

ryanmerolle commented 2 years ago

I cannot believe I missed the base vm referenced to nginx. You have to update the nginx config blob/master/root/defaults/default and mount the volume. The confusion as around the fact that snipe-it documentation uses/references apache.

This could easily be tweaked in the image with an env variable also added.

github-actions[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

thelamer commented 2 years ago

This can be configured in /config/nginx/site-confs/default:

IE: 

server {
  listen 80 default_server;
  return 301 https://localhost:8080;
}
server {
  listen 443 ssl;
  server_name localhost:8080;
  root /var/www/html/public;
  index index.html index.htm index.php;
  ssl_certificate /config/keys/cert.crt;
  ssl_certificate_key /config/keys/cert.key;
  client_max_body_size 0;
location / {
  try_files $uri $uri/ /index.php$is_args$args;
  }
location ~ \.php$ {
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  fastcgi_pass 127.0.0.1:9000;
  fastcgi_index index.php;
  include /etc/nginx/fastcgi_params;
  }
location /.env {
  return 404;
  }
}