CSRF token verification failed Portainer Installation

zems91 · December 10, 2024, 2:09am

I am a beginner using Zammad, and I installed it via Portainer in a Docker container setup. The Zammad container is running inside Portainer, and I am using Nginx on the host machine as a reverse proxy. After installation, I encountered the following issues:
*after initial setup zammad I cannot login anymore .When accessing Zammad via the browser, I keep getting the error message “CSRF token verification failed!”.
ALSO

The container zammad-zammad-init-1 keeps failing, even after restarting it. This is blocking further setup and troubleshooting.

For information Zammad is via portainer but
I set up Nginx on the host machine as a reverse proxy to forward requests to the Zammad container.

The Nginx configuration was tested and reloaded successfully. I ensured to use the correct headers, such as X-Forwarded-Proto and X-Forwarded-For, and SSL configuration via Certbot. I added a specific configuration for WebSocket support:

nginx

Copy code

location /ws {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header CLIENT_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_read_timeout 86400;
    proxy_pass http://zammad-websocket;
}

However, I received an error about the zammad-websocket being unknown. I changed it to use 127.0.0.1, but the problem persists.

the Zammad init container (zammad-zammad-init-1) keeps failing, even after restarting inside Portainer.
I would appreciate any guidance or suggestions on how to fix the configuration, or if there’s a way to troubleshoot the container failure more effectively.

Thank you for your help!

dalbaugh · December 11, 2024, 4:58pm

Hi @zems91

I’m also fairly new to Zammad, but ran into the same error message. It took me quite a bit of searching outside of the community before I found a fix for my instance. Keep in mind that my install is on Debian 12 running Apache2, but the same fix might work for you as well. You can read about it here:

The first solution on that site is to rename zammad-le-ssl.conf to something other than a .conf file. In my case, I changed .conf to .bak and restarted zammad.

I’m not familiar with nginx, but the offending file is in the same path as zammad.conf.

I hope this helps. Good luck!

MrGeneration · December 11, 2024, 6:23pm

Your solution does not fit the users mentioned environment. Please do not spam that link all around the board.

zems91 · December 12, 2024, 4:14am

Thank you for your response. I was able to resolve the issue by aligning my Nginx configuration with the Zammad configuration file available on GitHub. After reloading Nginx, everything works perfectly.

Here is the URL for reference: zammad/contrib/nginx/zammad_ssl.conf at develop · zammad/zammad · GitHub

santhushas · December 12, 2024, 9:08am

Hi @zems91,

The reference URL isn’t working. Can you please check it and reshare the correct one?

zems91 · December 15, 2024, 2:40am

Here is the url:

github.com

zammad/zammad/blob/develop/contrib/nginx/zammad_ssl.conf

#
# this is an example nginx config for Zammad
# Please visit https://docs.zammad.org for further input on how to configure
# your nginx to work with Zammad
#

upstream zammad-railsserver {
  server 127.0.0.1:3000;
}

upstream zammad-websocket {
  server 127.0.0.1:6042;
}

server {
  listen 80;
  listen [::]:80;

  server_name example.com;

This file has been truncated. show original

system · December 22, 2024, 2:40am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.