forked from MirrorHub/synapse
Preserve host in example apache config (#9696)
Fixes redirect loop Signed-off-by: Paul Tötterman <paul.totterman@iki.fi>
This commit is contained in:
parent
d4c4798a25
commit
d7d4232a2d
2 changed files with 11 additions and 5 deletions
|
@ -98,9 +98,12 @@ will log a warning on each received request.
|
||||||
|
|
||||||
To avoid the warning, administrators using a reverse proxy should ensure that
|
To avoid the warning, administrators using a reverse proxy should ensure that
|
||||||
the reverse proxy sets `X-Forwarded-Proto` header to `https` or `http` to
|
the reverse proxy sets `X-Forwarded-Proto` header to `https` or `http` to
|
||||||
indicate the protocol used by the client. See the `reverse proxy documentation
|
indicate the protocol used by the client.
|
||||||
<docs/reverse_proxy.md>`_, where the example configurations have been updated to
|
|
||||||
show how to set this header.
|
Synapse also requires the `Host` header to be preserved.
|
||||||
|
|
||||||
|
See the `reverse proxy documentation <docs/reverse_proxy.md>`_, where the
|
||||||
|
example configurations have been updated to show how to set these headers.
|
||||||
|
|
||||||
(Users of `Caddy <https://caddyserver.com/>`_ are unaffected, since we believe it
|
(Users of `Caddy <https://caddyserver.com/>`_ are unaffected, since we believe it
|
||||||
sets `X-Forwarded-Proto` by default.)
|
sets `X-Forwarded-Proto` by default.)
|
||||||
|
|
|
@ -104,10 +104,11 @@ example.com:8448 {
|
||||||
```
|
```
|
||||||
<VirtualHost *:443>
|
<VirtualHost *:443>
|
||||||
SSLEngine on
|
SSLEngine on
|
||||||
ServerName matrix.example.com;
|
ServerName matrix.example.com
|
||||||
|
|
||||||
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
||||||
AllowEncodedSlashes NoDecode
|
AllowEncodedSlashes NoDecode
|
||||||
|
ProxyPreserveHost on
|
||||||
ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
|
ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
|
||||||
ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
|
ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
|
||||||
ProxyPass /_synapse/client http://127.0.0.1:8008/_synapse/client nocanon
|
ProxyPass /_synapse/client http://127.0.0.1:8008/_synapse/client nocanon
|
||||||
|
@ -116,7 +117,7 @@ example.com:8448 {
|
||||||
|
|
||||||
<VirtualHost *:8448>
|
<VirtualHost *:8448>
|
||||||
SSLEngine on
|
SSLEngine on
|
||||||
ServerName example.com;
|
ServerName example.com
|
||||||
|
|
||||||
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
||||||
AllowEncodedSlashes NoDecode
|
AllowEncodedSlashes NoDecode
|
||||||
|
@ -135,6 +136,8 @@ example.com:8448 {
|
||||||
</IfModule>
|
</IfModule>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
**NOTE 3**: Missing `ProxyPreserveHost on` can lead to a redirect loop.
|
||||||
|
|
||||||
### HAProxy
|
### HAProxy
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in a new issue