The current funkwhale_proxy.conf is:

# global proxy conf
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;

# websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;

It means it will consider Funkwhale as served behind the server and protocol used to contact the proxy. This works well when the container is exposed directly to the internet.

However, in a client -> reverse proxy -> funkwhale container scenario, this breaks, because if you have proxy_pass http://localhost:5000 in your proxy conf, the values of X-Forwarded-Proto $scheme; and proxy_set_header X-Forwarded-Host $http_host; will respectively be http and localhost, regardless on how the proxy itself is accessed over the internet.

One workaround is to replace this funkwhale_proxy.conf when running the container behind a proxy:

touch /tmp/funkwhale_proxy.conf

Copy the following in that file:


proxy_set_header Host $http_x_forwarded_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_redirect off;

websocket support

proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;


3. Stop and remove your Funkwhale container.
4. Recreate a new one with this additionnal volume instruction: `-v /tmp/funkwhale_proxy.conf:/etc/nginx/funkwhale_proxy.conf`

However, it's far from perfect. I wonder if we can figure a conf that will work for both cases?

michaelmob / docker-funkwhale

Default funkwhale_proxy.conf does'n work with proxy #19

websocket support