Linstor-GUI behind proxy

LINSTOR
1

I’m running linstor-gui behind a proxy (nginx). When navigating to " https://linstor.on.proxy/", I get a 303 redirect to “http://linstor.on.proxy:80/ui/”.

I’ve configured X-Forwarded-Proto to https, but apparently that’s ignored. The Host part is apparently taken from the Host header, while X-Forwarded-Host is ignored as well.

What to configure where to get the correct redirect to “https://linstor.on.proxy/ui/”?

2

I agree this doesn’t appear to work:

brian@virtual1:~$ curl -v localhost:3370
*   Trying 127.0.0.1:3370...
* Connected to localhost (127.0.0.1) port 3370 (#0)
> GET / HTTP/1.1
> Host: localhost:3370
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 303 See Other
< Location: http://localhost:3370/ui/
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Headers: origin, content-type, accept, authorization
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
< Content-Length: 0
<
* Connection #0 to host localhost left intact

brian@virtual1:~$ curl -v -H "X-Forwarded-Proto: https" localhost:3370
*   Trying 127.0.0.1:3370...
* Connected to localhost (127.0.0.1) port 3370 (#0)
> GET / HTTP/1.1
> Host: localhost:3370
> User-Agent: curl/7.88.1
> Accept: */*
> X-Forwarded-Proto: https
>
< HTTP/1.1 303 See Other
< Location: http://localhost:3370/ui/
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Headers: origin, content-type, accept, authorization
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
< Content-Length: 0
<
* Connection #0 to host localhost left intact

The behaviour will be whatever the linstor-server embedded webserver does (grizzly?)

The relative redirect seems hard-coded here:

import javax.ws.rs.core.Response;
...
    @GET
    public Response index()
    {
        // if webUiDirectory exists, we will redirect to it, if not display api doc link and ui install hint
        final Response.ResponseBuilder respBuilder = Files.exists(Paths.get(linstorConfig.getWebUiDirectory())) ?
            Response.seeOther(URI.create("/ui/")) :  Response.status(Response.Status.OK).entity(INDEX_CONTENT);
        return respBuilder.build();
    }

…but some other code is responsible for turning it into an absolute URI.

Maybe for now, the solution is to implement the redirect on nginx.

1 Like
3

Ok, so apparently I didn’t miss something. Implemented the redirect in nginx now:

location = / {
          return 301 https://$host/ui/;
        }

Thanks for clarification.