Loading...
 
Architecture / Installation

Architecture / Installation


Trouble with ports using Docker

posts: 2 Germany

Hi everyone,

I am trying to install Tiki using Docker-Compose. On my host I have an nginx taking care of https.
I can complete the Tiki Installer. I am choosing "HTTPS login: Disabled". But when it comes to login, it is calling https://wiki.example.com:5000/tiki-login.php which is obviously wrong, 5000 is the internal Docker-Port.
Here are the interesting config parts:
docker-compose.yml

version: '3.7'

services:
  haproxy:
    image: eeacms/haproxy
    depends_on:
    - tiki
    ports:
            - "8083:5000"
    environment:
      BACKENDS: "tiki"
      DNS_ENABLED: "true"
      LOG_LEVEL: "info"
  tiki:
    image: tikiwiki/tikiwiki:latest
    depends_on:
      - db
    deploy:
      replicas: 1
 ...

nginx:

server {
  listen 80;
  listen [::]:80;
  server_name wiki.example.com;
  
  return 301 https://$host$request_uri;
}
server {
  listen 443;
  listen [::]:443;
  server_name wiki.example.com;

  ssl on;
  ssl_certificate /opt/some/dir/cert.pem;
  ssl_certificate_key /opt/some/dir/key.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers HIGH:!aNULL:!MD5;

  location / {
      proxy_pass http://127.0.0.1:8083/;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      client_max_body_size 0;
  }
}

I have tried a bunch of things to get things right, but with no success.
I have tried to update the configuration in the mariadb with:

INSERT INTO tiki_preferences (name, value) VALUES ('feature_port_rewriting', 'y');

and I have tried to change the configuration for 'fallbackBaseUrl' like

INSERT INTO tiki_preferences (name, value) VALUES ('fallbackBaseUrl', 'https://wiki.example.com');

but this does not change anything to this behavior.
I could of course try the use nginx 'sub_filter' to tweak the content of the delivered pages, but that seems wrong to me.
So my simple question is:
How do I configure Tiki to use just the right port?

Thanks in advance,
Boris

posts: 2 Germany
Boris Cassar wrote:
I could of course try the use nginx 'sub_filter' to tweak the content of the delivered pages, but that seems wrong to me.

I tried to use nginx with subfilter:

sub_filter 'https://wiki.example.com:5000/'  'https://$host/';

That brought immediately the next error:

[Mon Dec 07 13:02:38.138089 2020] [php7:notice] [pid 23] [client XXX.XXX.XXX.XXX:39708] \n**** Start CSRF error fromwiki.example.com *****\n  The HTTP_ORIGIN host (wiki.example.com) does not match this server (wiki.example.com:5000).\n  site_security_timeoutpreference:1440Sekunden(24 minutes)\n  SCRIPT_NAME: /tiki-admin.php\n  REQUEST_URI: /tiki-admin.php\n  HTTP_ORIGIN: https://wiki.example.com\n  HTTP_REFERER: https://wiki.example.com/tiki-admin.php\n  REQUEST_METHOD: POST\n, referer: https://wiki.example.com/tiki-admin.php
[Mon Dec 07 13:02:38.138192 2020] [php7:notice] [pid 23] [client XXX.XXX.XXX.XXX:39708] \n  $_GET: leer\n  $_POST: {\n    "ticket": "TMcJzPvvZNSHarNoT2AaZMQBh5KLOXTwdpHkMbgSVGo",\n    "pref_filters": [\n        "basic",\n        "advanced"\n    ]\n}\n**** End CSRF error fromwiki.example.com *****, referer: https://wikiexample.com/tiki-admin.php
XXX.XXX.XXX.XXX - - [07/Dec/2020:13:02:37 +0000] "POST /tiki-admin.php HTTP/1.0" 200 82448 "https://wiki.example.com/tiki-admin.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0"
XXX.XXX.XXX.XXX - - [07/Dec/2020:13:02:38 +0000] "GET /themes/base_files/favicons/favicon-16x16.png HTTP/1.0" 200 1039 "https://wiki.example.com/tiki-admin.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0"

Does anybody have an idea?

Regards,
Boris