search

louislam / uptime-kuma

A fancy self-hosted monitoring tool
https://uptime.kuma.pet
MIT License
55.73k stars 5.01k forks source link

Setting Primary base URL #3697

Closed softwarecreations closed 1 year ago

softwarecreations commented 1 year ago

⚠️ Please verify that this bug has NOT been raised before.

🛡️ Security Policy

Description

Setting Primary base URL on page Settings > General has no effect.

👟 Reproduction steps

  1. Open http://localhost:3001/
  2. Confirm you're logged in and it's working.
  3. On page Settings > General, set Primary base URL to http://localhost:3001/foobar
  4. Click save
  5. Gracefully stop uptime-kuma
  6. Gracefully start uptime-kuma
  7. Try open http://localhost:3001/foobar/

👀 Expected behavior

http://localhost:3001/foobar/ should be the base URL. So for example http://localhost:3001/foobar/settings/general http://localhost:3001/foobar/dashboard

😓 Actual Behavior

Uptime kuma continues to function with / as the primary base URL, as before. The setting has no effect. image

🐻 Uptime-Kuma Version

1.23.1

💻 Operating System and Arch

Ubuntu 23.04 amd64

🌐 Browser

Brave, Chromium, FF

🐋 Docker Version

Running as a normal user, not using Docker.

🟩 NodeJS Version

Node v20.5.1 (npm v9.8.0)

📝 Relevant log output

No response

louislam commented 1 year ago

Uptime Kuma does not support a subdirectory such as http://example.com/uptimekuma. Please prepare a domain or sub-domain to do that.

Read more: https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy

softwarecreations commented 1 year ago

Thanks @louislam I see. I'm curious, what is the purpose of the "Public base URL" setting?

echo-saurav commented 9 months ago

@softwarecreations have you solve this? https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy is about domain specific proxy url , not sub path url

louislam commented 9 months ago

Thanks @louislam I see. I'm curious, what is the purpose of the "Public base URL" setting?

It is mainly used for notifications, so Uptime Kuma can send with a correct URL

softwarecreations commented 9 months ago

FYI, the reason I asked (a few months ago)

For security I wanted to hide my uptime kuma under a random subpath like example.com/fsdokjsdfkofsdidfs

It's easy for a subpath to be secret. But there are pitfalls to having a secret sub-domain. You can't just use a letsencrypt cert for a subdomain because letsencrypt publishes the domain names of all certs issued. If you use a wildcard cert it can potentially be a secret subdomain but then there's also DNS leaks etc.

I ended up using a subdomain obviously, because as per this thread UptimeKuma doesn't support subpath.

qriff commented 7 months ago

This, so much this.

https://caddy.community/t/the-subfolder-problem-or-why-cant-i-reverse-proxy-my-app-into-a-subfolder/8575

Say bye bye to your privacy https://crt.sh

https://en.wikipedia.org/wiki/Certificate_Transparency

FYI, the reason I asked (a few months ago)

For security I wanted to hide my uptime kuma under a random subpath like example.com/fsdokjsdfkofsdidfs

It's easy for a subpath to be secret. But there are pitfalls to having a secret sub-domain. You can't just use a letsencrypt cert for a subdomain because letsencrypt publishes the domain names of all certs issued. If you use a wildcard cert it can potentially be a secret subdomain but then there's also DNS leaks etc.

I ended up using a subdomain obviously, because as per this thread UptimeKuma doesn't support subpath.