search

polonel / trudesk

:coffee: :seedling: Trudesk is an open-source help desk/ticketing solution.
http://trudesk.io
Other
1.29k stars 430 forks source link

NGINX Reverse Proxy Configuration with Cloudflare #633

Closed njags closed 11 months ago

njags commented 1 year ago

Hello,

We are looking to use TruDesk ticketing application for our company and at the moment we have created the environment required and clone the repo from Github, I can see the install opening using the IP and Port but when I try to add the revese proxy it does not work using the sample config file for default conf file.

I have tried multiple ways searching on google but yet not able to configure it and everytime either the nginx shows error or when I try to open the site it says - "ERR_TOO_MANY_REDIRECTS"

Below is the environment I am using -

Ubuntu 20.04 AWS Server MongoDB Elatisc Search Cloudflare for DNS

Below you can the conf file configuration modified by me to be used with Cloudflare where the SSL setting is flexible.

Currently, when we load the website it says - Web server is down Error code 521, when SSL is turned off it says - "ERR_TOO_MANY_REDIRECTS"

Default server configuration for TruDesk configuration on AWS EC2 Server and Cloudflare Flexible SSL

#

http { access_log /var/log/nginx/access.log main;

sendfile        on;
keepalive_timeout  65;

upstream socket_nodes {
    ip_hash;
    # IP Address of Host running Trudesk
    server 3.125.27.30:8118;
}

server {
    listen 80;
    return 301 https://$host$request_uri;
    server_name  support.panaroma.finance;
    ssl on;

    location ~ ^/(uploads/) {
            root /usr/src/trudesk/public;
            access_log off;
            expires modified +1h;
    }

    location / {
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_http_version 1.1;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
            proxy_cache one;
            proxy_cache_key trudesk$request_uri$scheme;
            proxy_pass http://socket_nodes;

            proxy_redirect http://socket_nodes https://socket_nodes;
    }

    # redirect server error pages to the static page /50x.html
    # in the even that the trudesk instance is down, these pages will serve.
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
    }
}

}

Request you to kindly help me to resolve the nginx configuration issue asap.

polonel commented 1 year ago

You have a redirect loop on in the server block.

It should be split out to a separate server block for redirect port 80 to https

Take a look at the example nginx configuration and take note of the server {} block for both port 80 and 443

You're trying to redirect to HTTPS and have Cloudflare establish the connection to your server over HTTP but when it redirects to HTTPS it is still proxied through HTTP and thus it tries to redirect to HTTPS again. That's your loop.

Turning off SSL gives you the 521 error because you're not listening on HTTPS but you are redirecting to it and enabling SSL via ssl on but like the rest of the SSL configuration, such as:

#ssl configuration
ssl_certificate         /path/to/certificate.crt
ssl_certificate_key     /path/to/certificate.key
github-actions[bot] commented 11 months ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] commented 11 months ago

This issue was closed because it has been stalled for 5 days with no activity.