Open isetthestandard opened 3 months ago
*🆕 Untriaged**
The team has not yet reviewed the issue. We usually do it within one business day. Docs: https://github.com/toeverything/AFFiNE/blob/canary/docs/issue-triaging.md
This is an automatic reply by the bot.
Hi @isetthestandard,
Could you show me your Compose file? I am using Affine with a reverse proxy (https://github.com/caddyserver) as well, and it works like a charm!
Greetings"
I use the standard compose.yaml. I only added the flag AFFINE_SERVER_HTTPS. Do you have any instructions on how I can operate caddyserver with the self-hosted version of affine? Server configuration is not my strength. Thank you very much!
ADDED: I got it! :) Container itself is running without HTTPS and on port 3010, I had to change only domain name, not a port and protocol, those should be 3010 and HTTPS: FALSE
Suppose I have same issue here.
I'm using Nginx Proxy Manager (Nginx+WebGUI, NPM)
After adding in compose lines like
AFFINE_SERVER_HOST: 'affine.HEREMYDOMAIN.COM'
AFFINE_SERVER_PORT: 443
AFFINE_SERVER_HTTPS: true
acquiring letsencrypt certificate by NPM done smoothly
but when I enter by domain name get an error "502 Bad Gateway / openresty"
using local IP address and 'external' docker port give the web page successfully
if I comment out those 3 variables, I can get a web page by its domain name, but then magic links are send with localhost:3010 as target host
Hello,
You need to launch Nginx on your server and set up traffic routing from your domain to the server's localhost:3010. After that, you can configure HTTPS using Let's Encrypt.
I plan to write a little manual after this issue is resolved: https://github.com/toeverything/AFFiNE/issues/8015
Thank you!
Hi everyone, I’ve published a small guide on deploying self-hosted Affine on a server with domain setup
en: https://docs.polyakov.marketing/share/476a2681-7ede-4b3a-b8b7-291cd9299015/QcEtVycYtB7OB8BP-CP7Z
ru: https://docs.polyakov.marketing/share/476a2681-7ede-4b3a-b8b7-291cd9299015/81Ld3jjqzAeCkPIT3yXZ8
I suggest you use Traefik as a container reverse-proxy. Documentation is extensive, and you won't have to doany extra configuration on Affine's end besides adding the config labels for Traefik to route properly.
This will be much easier than setting up nginx/letsencrypt and won't require any extra package installation.
@emerikaji there are a lot of same software https://nginxproxymanager.com/guide/ i think, that nginx is very stable, and reliable and has clear logs.
@artwist-polyakov I was suggesting a different solution that's suited specifically to the initial topic of using https on a Docker deployment, which Traefik is often used for in production.
The creator of this issue would likely be happier to have a wider assortment of options at their disposal- This is probably not the right discussion feed to debate which one is better.
I used Caddy and then swapped it to aff, but found that the static page couldn't load?
Caddy
xxx.ai {
reverse_proxy xxx_svc_affine:3010 {
header_up X-Real-IP {http.request.remote}
transport http {
read_timeout 3m
write_timeout 3m
}
}
docker-compose.yaml
services:
affine:
image: ghcr.io/toeverything/affine-graphql:stable
container_name: affine_selfhosted
command:
['sh', '-c', 'node ./scripts/self-host-predeploy && node ./dist/index.js']
ports:
- '3010:3010'
- '5555:5555'
depends_on:
redis:
condition: service_healthy
postgres:
condition: service_healthy
volumes:
# custom configurations
- ~/.affine/self-host/config:/root/.affine/config
# blob storage
- ~/.affine/self-host/storage:/root/.affine/storage
logging:
driver: 'json-file'
options:
max-size: '1000m'
restart: unless-stopped
environment:
- NODE_OPTIONS="--import=./scripts/register.js"
- AFFINE_CONFIG_PATH=/root/.affine/config
- REDIS_SERVER_HOST=redis
- DATABASE_URL=postgres://affine:affine@postgres:5432/affine
- NODE_ENV=production
- AFFINE_ADMIN_EMAIL=${AFFINE_ADMIN_EMAIL}
- AFFINE_ADMIN_PASSWORD=${AFFINE_ADMIN_PASSWORD}
# Telemetry allows us to collect data on how you use the affine. This data will helps us improve the app and provide better features.
# Uncomment next line if you wish to quit telemetry.
# - TELEMETRY_ENABLE=false
redis:
image: redis
container_name: affine_redis
restart: unless-stopped
volumes:
- ~/.affine/self-host/redis:/data
healthcheck:
test: ['CMD', 'redis-cli', '--raw', 'incr', 'ping']
interval: 10s
timeout: 5s
retries: 5
postgres:
image: postgres
container_name: affine_postgres
restart: unless-stopped
volumes:
- ~/.affine/self-host/postgres:/var/lib/postgresql/data
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U affine']
interval: 10s
timeout: 5s
retries: 5
environment:
POSTGRES_USER: affine
POSTGRES_PASSWORD: affine
POSTGRES_DB: affine
PGDATA: /var/lib/postgresql/data/pgdata
Hello, unfortunately I can't manage to configure affine with https. Affine should run on port 3025 but with https. Certificates are available. How can I switch from http to https?
Thank you!