On 7/02/2015 06:29, Jonathan Biegert wrote:
I'd like to reverse-proxy
the syncserver through their webserver/https setup. This is normally
done with the following directives in a .htaccess file:
RewriteEngine On
RewriteRule (.*) http://localhost:64223/$1 [P]
Doing so, I can connect to the syncserver via https - but then the
server will issue the following message(s):
serving on 0.0.0.0:PORT view at http://127.0.0.1:PORT
ERROR:syncserver:The public_url setting does not match the application url.
This will almost certainly cause authentication failures!
public_url setting is: https://HOST.uberspace.de/ffsync-1.5
application url is: http://localhost:PORT/ffsync-1.5
I suspect that, opposed to sync 1.1, the syncserver does not simply work
with the different Host: http header (and others) it receives being
behind the reverse proxy.
Right - the new sync uses request-signing so it's important that the
server's idea of its hostname matches with what the client sees.
I'm not sure how to get `pserve` to respect the Host header and
associated environment flags. I'd suggest moving to gunicorn as
documented here:
https://docs.services.mozilla.com/howtos/run-sync-1.5.html#nginx-gunicorn
It knows how to interpret the Host, X-Forwarded-Proto etc headers and
re-construct the publicly-visible URL from behind a reverse proxy.
Cheers,
Ryan
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
