search

spantaleev / matrix-docker-ansible-deploy

🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
GNU Affero General Public License v3.0
4.92k stars 1.05k forks source link

External Reverse Proxy OIDC Problem #1195

Open xXTim97Xx opened 3 years ago

xXTim97Xx commented 3 years ago

I've got a Problem while trying to setup Matrix with an external Proxy.

When I'm trying to click on "Login with Auth0" on Element, my Webbrowser shows:

"Error to many redirects"

Is the redirection wrong? Currently it's going to: https://matrix.example.de/_matrix/client/r0/login/sso/redirect/oidc-auth0?redirectUrl=https%3A%2F%2Felement.example.de%2F

Everything else is working fine.

My external Proxy is a nginx reverse proxy and setup with this config on another server.

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name matrix.*;
    server_name element.*;

    include /config/nginx/ssl.conf;

    #client_max_body_size 0;

    location / {

        client_max_body_size 50M;

        include /config/nginx/proxy-matrix.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 10.0.20.20;
        set $upstream_port 81;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}
hungrymonkey commented 3 years ago

Is your bug similar to this error here? https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1132

jacotec commented 2 years ago

@xXTim97Xx Have you been able to solve this? I'm running into the same issue with KeyCloak Auth ... :(

rwjack commented 3 months ago

For anyone having this issue:

I have quite a complex proxy config, and the problem turned out to be at the last one, the nginx balancing synapse traffic. Since the second last proxy was talking plain http to the nginx proxy, all I needed to do was hardcode the X-Forwarded-Proto header to 'https' on the nginx proxy.

This solved all the redirects, and it's likely the same issue as mentioned above.