HTTPS doesn't seem to be working...?
See original GitHub issueOkay, this is probably just me personally and not a bug, but I just can’t get HTTPS to work. My app keeps going straight to HTTP instead even though I’ve set the few environment variables mentioned on some issues and the docs… Is there something obvious that I’m missing?
Here are the 3 environment variables I set in the .env
file:
CSRF_TRUSTED_ORIGINS="https://[redacted]"
SECURE_PROXY_SSL_HEADER=True
DEBUG=1
And my docker-compose:
version: "3.9"
services:
babybuddy:
image: ghcr.io/linuxserver/babybuddy:latest
container_name: babybuddy
volumes:
- ./appdata:/config
ports:
- 8000:8000
restart: unless-stopped
env_file: .env
I’ve tried to also have these environment variables under environment:
in the docker-compose but that didn’t make any difference. Am I missing something obvious? Last few logs in docker logs babybuddy
:
[2022-02-27 05:07:28 +0000] [300] [INFO] Starting gunicorn 20.1.0
[2022-02-27 05:07:28 +0000] [300] [INFO] Listening at: http://0.0.0.0:8000 (300)
[2022-02-27 05:07:28 +0000] [300] [INFO] Using worker: gthread
[2022-02-27 05:07:28 +0000] [316] [INFO] Booting worker with pid: 316
[2022-02-27 05:07:28 +0000] [317] [INFO] Booting worker with pid: 317
^ As can be seen here, it’s doing http instead of https.
Any guidance or clarification would be appreciated. I’m working on trying to make this externally accessible for us and don’t want to do so until I know I can make sure it’s setup over https 😃
Oh and in case it’s needed, the version in the dropdown on the UI shows v1.10.1
👍
Thank you!
Issue Analytics
- State:
- Created 2 years ago
- Comments:8
Top GitHub Comments
Well you made me curious and caught me at a good time with the little ones napping so I think I got this all documented!
https://docs.baby-buddy.net/setup/ssl/
Give it a go and let me know if you have any trouble/suggestions/additions/etc. There are lots of other ways to do this but this a pattern I am most familiar with. It can also be done all within the
docker-compose.yml
but that seemed a bit too complicated for me. If anyone ever does that and reports back I’ll add it to the documentation as well 😄Ok so backtracking again… I’m pretty sure this is expected (: Gunicorn is only going to serve up the app over an unencrypted connection so you’ll need a proxy like NGINX in front of it to handle SSL and redirect the traffic appropriately.
I’m going to see if I can cook up some quick documentation on this.