zulip / docker-zulip

Container configurations, images, and examples for Zulip.
https://zulip.com/
Apache License 2.0

'CSRF verification failed. Request aborted.' Issue #207

Closed lncan closed 5 years ago

lncan commented 5 years ago

Hello everyone, I want to run a Zulip server in a Docker container. When I ran docker-compose, everything seemed to be OK.

[Image: Screen Shot 2019-07-02 at 11 58 02 AM]

But when I submit Create Organization, there was an issue like in the picture below.

[Image: Screen Shot 2019-07-02 at 11 31 04 AM]

So please tell me the solution to fix that. Thank you. Note: in the docker-compose file, in the zulip service, I added the DISABLE_HTTPS: "True" environment variable.

krystalcode commented 5 years ago

Did you find a solution with this? I get the same for the login form.

lncan commented 5 years ago

> Did you find a solution with this? I get the same for the login form.

Ya. You must put a reverse proxy in front of the Zulip app; I'm using nginx in this case. And remember, you must add the DISABLE_HTTPS: "TRUE" env in the zulip service in the docker-compose file. That's all.

krystalcode commented 5 years ago

Hmmm, thanks. Unfortunately it does not work for me.

lncan commented 5 years ago

> Hmmm, thanks. Unfortunately it does not work for me.
>
>   • I use jwilder/nginx-proxy (in fact testing with the separate containers setup nginx + docker-gen).
>   • I do have DISABLE_HTTPS setting enabled.

Please post your docker-compose file, nginx config file, Zulip log and nginx log. And what is the error that is happening?

krystalcode commented 5 years ago

Docker Compose

Not including backend services as I don't think they have much to do with the error and they're pretty standard.

version: '3.7'                                                                                                                                                                                                                          
services:                                                                                                                                                                                                                               
  app:
    image: zulip/docker-zulip:2.0.4-1
    depends_on:                                                                                                                                                                                                                         
      - postgres                                                                                                                                                                                                                        
      - memcached                                                                                                                                                                                                                       
      - rabbitmq                                                                                                                                                                                                                        
      - redis                                                                                                                                                                                                                           
    environment:                                                                                                                                                                                                                        
      # Nginx proxy configuration.                                                                                                                                                                                                      
      - VIRTUAL_HOST=zulip.apps.localhost                                                                                                                                                                                      
      - VIRTUAL_PORT=80
      - VIRTUAL_NETWORK=nginx-proxy                                                                                                                                                                                                 
      # Application configuration.                                                                                                                                                                                                    
      - DISABLE_HTTPS=True
      # All other Zulip setting variables here.
    networks:                                                                                                                                                                                                                           
      - backend-memcached                                                                                                                                                                                                               
      - backend-postgres                                                                                                                                                                                                                
      - backend-rabbitmq                                                                                                                                                                                                                
      - backend-redis                                                                                                                                                                                                                   
      - proxy-tier
    ulimits:                                                                                                                                                                                                                            
      nofile:                                                                                                                                                                                                                           
        soft: 40000                                                                                                                                                                                                                     
        hard: 50000

Nginx

No special configuration, default. The Docker Gen nginx template used is the following:

server_names_hash_bucket_size 128;                                                                                                                                                                                                      

server {                                                                                                                                                                                                                                
        listen 80 default_server;                                                                                                                                                                                                       
        server_name _; # This is just an invalid value which will never trigger on a real hostname.                                                                                                                                     
        error_log /proc/self/fd/2;                                                                                                                                                                                                      
        access_log /proc/self/fd/1;                                                                                                                                                                                                     
        return 503;                                                                                                                                                                                                                     
}                                                                                                                                                                                                                                       

{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}                                                                                                                                                                 
upstream {{ $host }} {                                                                                                                                                                                                                  

{{ range $index, $value := $containers }}                                                                                                                                                                                               

        {{ $addrLen := len $value.Addresses }}                                                                                                                                                                                          
        {{ $network := index $value.Networks 0 }}                                                                                                                                                                                       

        {{/* If only 1 port exposed, use that */}}                                                                                                                                                                                      
        {{ if eq $addrLen 1 }}                                                                                                                                                                                                          
                {{ with $address := index $value.Addresses 0 }}                                                                                                                                                                         
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                {{ end }}                                                                                                                                                                                                               

        {{/* If more than one port exposed, use the one matching VIRTUAL_PORT env var */}}                                                                                                                                              
        {{ else if $value.Env.VIRTUAL_PORT }}                                                                                                                                                                                           
                {{ range $i, $address := $value.Addresses }}                                                                                                                                                                            
                        {{ if eq $address.Port $value.Env.VIRTUAL_PORT }}                                                                                                                                                               
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                        {{ end }}                                                                                                                                                                                                       
                {{ end }}                                                                                                                                                                                                               

        {{/* Else default to standard web port 80 */}}                                                                                                                                                                                  
        {{ else }}                                                                                                                                                                                                                      
                {{ range $i, $address := $value.Addresses }}                                                                                                                                                                            
                        {{ if eq $address.Port "80" }}                                                                                                                                                                                  
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                        {{ end }}                                                                                                                                                                                                       
                {{ end }}                                                                                                                                                                                                               
        {{ end }}                                                                                                                                                                                                                       
{{ end }}                                                                                                                                                                                                                               
}                                                                                                                                                                                                                                       

server {                                                                                                                                                                                                                                
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;                                                                                          

        server_name {{ $host }};                                                                                                                                                                                                        
        proxy_buffering off;                                                                                                                                                                                                            
        error_log /proc/self/fd/2;                                                                                                                                                                                                      
        access_log /proc/self/fd/1;                                                                                                                                                                                                     

        location / {                                                                                                                                                                                                                    
                proxy_pass http://{{ trim $host }};                                                                                                                                                                                     
                proxy_set_header Host $http_host; 
                proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                                
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                                            
                proxy_set_header X-Forwarded-Proto $scheme;                                                                                                                                                                             

                # HTTP 1.1 support                                                                                                                                                                                                      
                proxy_http_version 1.1;                                                                                                                                                                                                 
                proxy_set_header Connection "";                                                                                                                                                                                         
        }                                                                                                                                                                                                                               
}                                                                                                                                                                                                                                       
{{ end }}

Errors

[Image: Screenshot_20190806_042709]

I don't see any specific errors on the zulip container's log output other than the following. Not sure where to locate more info.

2019-08-06 09:29:43,952 INFO exited: zulip_events_error_reports (exit status 1; not expected)
2019-08-06 09:29:43,961 INFO spawned: 'zulip_events_error_reports' with pid 2864

Don't see any errors on the log output of the nginx container either.

Thanks

lncan commented 5 years ago

Docker Compose

Not including backend services as I don't think they have much to do with the error and they're pretty standard.

version: '3.7'                                                                                                                                                                                                                          
services:                                                                                                                                                                                                                               
  app:
    image: zulip/docker-zulip:2.0.4-1
    depends_on:                                                                                                                                                                                                                         
      - postgres                                                                                                                                                                                                                        
      - memcached                                                                                                                                                                                                                       
      - rabbitmq                                                                                                                                                                                                                        
      - redis                                                                                                                                                                                                                           
    environment:                                                                                                                                                                                                                        
      # Nginx proxy configuration.                                                                                                                                                                                                      
      - VIRTUAL_HOST=zulip.apps.localhost                                                                                                                                                                                      
      - VIRTUAL_PORT=80
      - VIRTUAL_NETWORK=nginx-proxy                                                                                                                                                                                                 
      # Application configuration.                                                                                                                                                                                                    
      - DISABLE_HTTPS=True
      # All other Zulip setting variables here.
    networks:                                                                                                                                                                                                                           
      - backend-memcached                                                                                                                                                                                                               
      - backend-postgres                                                                                                                                                                                                                
      - backend-rabbitmq                                                                                                                                                                                                                
      - backend-redis                                                                                                                                                                                                                   
      - proxy-tier
    ulimits:                                                                                                                                                                                                                            
      nofile:                                                                                                                                                                                                                           
        soft: 40000                                                                                                                                                                                                                     
        hard: 50000

Nginx

No special configuration, default. The Docker Gen nginx template used is the following:

server_names_hash_bucket_size 128;                                                                                                                                                                                                      

server {                                                                                                                                                                                                                                
        listen 80 default_server;                                                                                                                                                                                                       
        server_name _; # This is just an invalid value which will never trigger on a real hostname.                                                                                                                                     
        error_log /proc/self/fd/2;                                                                                                                                                                                                      
        access_log /proc/self/fd/1;                                                                                                                                                                                                     
        return 503;                                                                                                                                                                                                                     
}                                                                                                                                                                                                                                       

{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}                                                                                                                                                                 
upstream {{ $host }} {                                                                                                                                                                                                                  

{{ range $index, $value := $containers }}                                                                                                                                                                                               

        {{ $addrLen := len $value.Addresses }}                                                                                                                                                                                          
        {{ $network := index $value.Networks 0 }}                                                                                                                                                                                       

        {{/* If only 1 port exposed, use that */}}                                                                                                                                                                                      
        {{ if eq $addrLen 1 }}                                                                                                                                                                                                          
                {{ with $address := index $value.Addresses 0 }}                                                                                                                                                                         
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                {{ end }}                                                                                                                                                                                                               

        {{/* If more than one port exposed, use the one matching VIRTUAL_PORT env var */}}                                                                                                                                              
        {{ else if $value.Env.VIRTUAL_PORT }}                                                                                                                                                                                           
                {{ range $i, $address := $value.Addresses }}                                                                                                                                                                            
                        {{ if eq $address.Port $value.Env.VIRTUAL_PORT }}                                                                                                                                                               
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                        {{ end }}                                                                                                                                                                                                       
                {{ end }}                                                                                                                                                                                                               

        {{/* Else default to standard web port 80 */}}                                                                                                                                                                                  
        {{ else }}                                                                                                                                                                                                                      
                {{ range $i, $address := $value.Addresses }}                                                                                                                                                                            
                        {{ if eq $address.Port "80" }}                                                                                                                                                                                  
                        # {{$value.Name}}                                                                                                                                                                                               
                        server {{ $network.IP }}:{{ $address.Port }};                                                                                                                                                                   
                        {{ end }}                                                                                                                                                                                                       
                {{ end }}                                                                                                                                                                                                               
        {{ end }}                                                                                                                                                                                                                       
{{ end }}                                                                                                                                                                                                                               
}                                                                                                                                                                                                                                       

server {                                                                                                                                                                                                                                
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;                                                                                          

        server_name {{ $host }};                                                                                                                                                                                                        
        proxy_buffering off;                                                                                                                                                                                                            
        error_log /proc/self/fd/2;                                                                                                                                                                                                      
        access_log /proc/self/fd/1;                                                                                                                                                                                                     

        location / {                                                                                                                                                                                                                    
                proxy_pass http://{{ trim $host }};                                                                                                                                                                                     
                proxy_set_header Host $http_host; 
                proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                                
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                                            
                proxy_set_header X-Forwarded-Proto $scheme;                                                                                                                                                                             

                # HTTP 1.1 support                                                                                                                                                                                                      
                proxy_http_version 1.1;                                                                                                                                                                                                 
                proxy_set_header Connection "";                                                                                                                                                                                         
        }                                                                                                                                                                                                                               
}                                                                                                                                                                                                                                       
{{ end }}

Errors

I don't see any specific errors on the zulip container's log output other than the following. Not sure where to locate more info.

2019-08-06 09:29:43,952 INFO exited: zulip_events_error_reports (exit status 1; not expected)
2019-08-06 09:29:43,961 INFO spawned: 'zulip_events_error_reports' with pid 2864

Don't see any errors on the log output of the nginx container either.

Thanks

Dear @krystalcode,

You should put a configuration for HTTPS in nginx (redirect 80 to 443). If not, the above error will still occur. I can confirm this.

Regards.

dionevpn commented 1 year ago

I can confirm this issue. The problem is in the provided sample nginx configuration. A viable solution: In the sample configuration the proxy_set_header X-Forwarded-Protocol must be changed to proxy_set_header X-FORWARDED-PROTO. Currently Django sees the host as https://example.com (which is not in the allowed hosts) while it should be example.com.

pringtest commented 1 year ago

Here is the answer.

https://forum.djangoproject.com/t/origin-checking-failed-with-ssl-https/20158/6

I managed to host Zulip behind a network load balancer.

B3nBeng commented 1 year ago

In my case, I had this issue after migrating to Zulip 7 (on k8s, deployed with Helm). This setting works for me:

zulip:
  [...]
  environment:
    SETTING_CSRF_TRUSTED_ORIGINS: "['https://zulip.example.com']"
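
Why the fixes in this thread work, as an added example (not code from Zulip, Django or any commenter): a simplified model of the Origin check a Django-style CSRF middleware performs behind a TLS-terminating proxy. The hostname and all function names are constructed, and the model assumes the application derives the request scheme from X-Forwarded-Proto.

```python
from urllib.parse import urlsplit


def is_same_domain(host, pattern):
    """A pattern with a leading dot also matches its subdomains."""
    host, pattern = host.lower(), pattern.lower()
    if pattern.startswith("."):
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def origin_verified(origin, host, forwarded_proto, trusted_origins=()):
    """Simplified Origin check for an app behind a TLS-terminating proxy.

    forwarded_proto is the X-Forwarded-Proto value from the proxy (or None);
    trusted_origins holds entries like 'https://*.example.com'.
    """
    # Assumption: the app treats the request as HTTPS only when the
    # proxy says so; otherwise it believes it was reached over HTTP.
    scheme = "https" if forwarded_proto == "https" else "http"
    if origin == f"{scheme}://{host}":
        return True
    if origin in trusted_origins:
        return True
    parsed = urlsplit(origin)
    for entry in trusted_origins:
        trusted = urlsplit(entry)
        if trusted.netloc.startswith("*.") and trusted.scheme == parsed.scheme:
            if is_same_domain(parsed.netloc, trusted.netloc[1:]):
                return True
    return False


def demo():
    origin, host = "https://zulip.example.com", "zulip.example.com"  # constructed
    def check(proto, trusted=()):
        return origin_verified(origin, host, proto, trusted)
    return {
        "proto_http": check("http"),
        "proto_missing": check(None),
        "proto_https": check("https"),
        "trusted_exact": check("http", [origin]),
        "trusted_wildcard": check("http", ["https://*.example.com"]),
        "wrong_scheme": check("http", ["http://*.example.com"]),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:17} {'accepted' if accepted else 'CSRF failure'}")
```

With `proxy_set_header X-Forwarded-Proto $scheme;`, nginx forwards `http` whenever its own listener is reached over plain HTTP (for example behind another load balancer that terminates TLS), which is the `proto_http` case. Prefer fixing the forwarded scheme at the proxy and keep any trusted-origins list as narrow as the deployment allows.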