Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Deployment] When HTTPS is changed to a port other than 443, it cannot log in normally. #2732

Closed
Evangelove opened this issue Oct 21, 2024 · 4 comments
Closed

[Deployment] When HTTPS is changed to a port other than 443, it cannot log in normally. #2732

Evangelove opened this issue Oct 21, 2024 · 4 comments
Labels
deployment

Comments

@Evangelove
Copy link

OpenIM Server Version

v3.8.1

Operating System and CPU Architecture

Linux (AMD)

Deployment Method

Docker Deployment

Issue Description and Steps to Reproduce

The network environment consists of one internal host and two testing hosts. One testing host (B) is on the same network as the internal server (A), while the other testing host (C) is on a different network. All three machines can access the internet normally.

When I deployed OpenIM using Docker, the HTTP protocol was functioning properly within the internal network. According to the configuration requirements for the website's Nginx deployment, I modified the domain name and certificate. Host C can access the PC-Web page at https://web.datashare.top:1443/ via the internet, but the login is consistently unsuccessful. Upon inspecting the API request, I found that it is attempting to access https://web.datashare.top/chat/account/login, but is missing port information. Below is my Nginx configuration file:

upstream msg_gateway {
server 127.0.0.1:10001;
}
upstream im_api {
server 127.0.0.1:10002;
}
upstream im_chat_api {
server 127.0.0.1:10008;
}
upstream im_admin_api {
server 127.0.0.1:10009;
}
upstream minio_s3_2 {
server 127.0.0.1:10005;
}
upstream pc_web {
server 127.0.0.1:11001;
}
upstream openim_admin {
server 127.0.0.1:11002;
}

server {
listen 1443 ssl;
server_name web.datashare.top;
ssl_certificate "/ext/server.crt";
ssl_certificate_key "/ext/server.key";

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";

default_type application/wasm;

location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://pc_web/;
}

location /msg_gateway {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://msg_gateway/;
}

location ^~/api/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Request-Api $scheme://$host/api;
    proxy_pass http://im_api/;
}

location ^~/chat/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_chat_api/;
}

location ^~/im-minio-api/ {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_connect_timeout 300;

    proxy_http_version 1.1;
    proxy_set_header Connection "";
    chunked_transfer_encoding off;
    proxy_pass http://minio_s3_2/;
}

}

server {
listen 1443 ssl;
server_name admin.datashare.top;
ssl_certificate "/ext/server.crt";
ssl_certificate_key "/ext/server.key";

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";

default_type application/wasm;

location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://openim_admin/;
}

location /msg_gateway {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://msg_gateway/;
}

location ^~/api/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Request-Api $scheme://$host/api;
    proxy_pass http://im_api/;
}

location ^~/chat/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_chat_api/;
}

location ^~/complete_admin/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://im_admin_api/;
}

}

server {
listen 80;
server_name web.datashare.top;
rewrite ^(.*)$ https://$host$1 permanent;
#return 301 https://$host:1443$request_uri;
}

Screenshots Link

No response
@OpenIM-Robot
Copy link

Hello! Thank you for filing an issue.

If this is a bug report, please include relevant logs to help us debug the problem.

Join slack 🤖 to connect and communicate with our developers.

@Evangelove
Copy link
Author

By adding port 1443 in Postman and testing https://web.datashare.top:1443/chat/account/login, it successfully returns the token and other information.

@skiffer-git
Copy link
Member

Is the client built with Flutter or another framework?

@Bloomingg
Copy link
Member

The problem has been fixed. You can delete the openim/openim-web-front image and then pull it again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
deployment
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Bloomingg @skiffer-git @Evangelove @OpenIM-Robot