Nginx Reverse Proxy Issues - Failed to Fetch

Really having issues getting the reverse proxy setup happy and working. I’ve looked at the documentation and various sample configs I’ve found, but no luck.

I’ve switched from Caddy to nginx since there is more documentation, with Caddy I have the indefinitely spinning plugins screen, so far with nginx I have the same thing - loading plugin information.

I have 8080 open on nftables for testing still, so I can navigate to the local ip:8080 just fine.

nginx config:

server {
listen 80;
server_name scm.example.com;
return 301 https://$host$request_uri; # Redirect HTTP to HTTPS
}

server {
listen 443 ssl;
server_name scm.example.com;

ssl_certificate /etc/letsencrypt/live/scm.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/scm.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

# SCM-Manager reverse proxy
location /scm {
    proxy_pass http://scm.example.com:8080;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;

}

}

I have the following set in SCM-Manager’s config.yml:

forwardHeadersEnabled: true

Any suggestions?

Hello gsink,

we are going to take a look at this issue at some point. If the problem persists, you may check whether setting up a new SCM-Manager solves the problem.

Kind regards

Till-André Diegeler
Cloudogu

Have you taken a look at the docs at https://scm-manager.org/docs/3.8.x/en/administration/reverse-proxies/#nginx, @gsink ?

This is a brand new installation.

I did reference that documentation and initially tried that exact config, I believe it resulted in the same, but I will switch back to it and see. @pfeuffer

I just compared with my set-up. Maybe a proxy_set_header X-Forwarded-Host $host:$server_port; might help?

I believe the core issue was that at some point during setup I had created an additional docker container.

I believe during the step in documentation referring to creating a volume mapping to the scm config file where I specified forwardHeadersEnabled: true, which was not the active/running docker container, so I had not actually set that value!

I simply updated this value inside the config file in the container and along with my final version of nginx config below, was successful:

server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri; # Redirect HTTP to HTTPS
}

server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;

location = / {
    return 301 /scm/;
}

# SCM-Manager reverse proxy
location /scm {
    proxy_pass http://localhost:8080;
}

}