so, i have immich set up behind an nginx reverse proxy, here is the configuration:
server {
server_name [my domain];
# https://github.com/immich-app/immich/blob/main/nginx/templates/default.conf.template#L28
client_max_body_size 50000M;
location / {
proxy_pass http://192.168.0.69:2283;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# http://nginx.org/en/docs/http/websocket.html
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/[my domain]/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/[my domain]/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
#server {
# if ($host = [my domain]) {
# return 301 https://$host$request_uri;
# } # managed by Certbot
# server_name [my domain]
# listen 443 ssl
# https://github.com/immich-app/immich/blob/main/nginx/templates/default.conf.template#L28
# client_max_body_size 50000M;
# listen 80;
# return 404; # managed by Certbot
#}
http works at all times, (when connecting thru domain) and https ONLY WORKS if i am not on the local network (the sever is an old laptop) i i am using a vpn (or in another building) it works fine, and DNS requests from inside the same network resolve to the public IP, as expected.
I am stumped.
ps: the connection times out when connecting to it on the same network (with domain) and tcpdump and access.log dont pick up anything
Edit: formatting
You are not using a http to https redirect. Is that turned off for debugging ?
Try using the openssl command line to connect with the advantage of not having to think about app or web browser caches :
that times out, it doesnt give any information, thanks anyways though!
Does tcping connect at all? Traceroute?
Turns out the issue is that my router does not support NAT loopback, and I’ve found a fix for that, thank you for the help tho