Infos:
- Used Zammad version: Latest
- Used Zammad installation source: (source, package, …) : apt
- Operating system: Ubuntu 18
- Browser + version: Chrome / Firefox Version: Latest
Expected behavior:
All SSL connections should terminate on the firewall. The Firewall request web content from the Zammad Webserver. The firewall serves web content on behalf of the zammad server
*
Actual behavior:
A loading page is displayed when the Sites-Available configuration is changed.
Configuration Lines changed:
from server_name x.x.x.x[private IP];
to server_name example.com;
from location /
to location /support/
Please see below sites available config file:
upstream zammad-railsserver {
server 127.0.0.1:3000;
}
upstream zammad-websocket {
server 127.0.0.1:6042;
}
server {
listen 80;
# replace 'localhost' with your fqdn if you want to use zammad from remote
server_name example.com;
root /opt/zammad/public;
access_log /var/log/nginx/zammad.access.log;
error_log /var/log/nginx/zammad.error.log;
client_max_body_size 50M;
location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico) {
expires max;
}
location /ws {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400;
proxy_pass http://zammad-websocket;
}
location /support/ {
proxy_set_header Host $http_host;
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300;
proxy_pass http://zammad-railsserver/;
gzip on;
gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
gzip_proxied any;
}
}
My logs are showing 404 errors when trying to load assests when i go to example.com/support. Am i missing configuration in a file required to make this work?
Please see below logs:
192.168.1.100 - - [15/Dec/2019:03:20:17 +0000] “GET /support/ HTTP/1.1” 404 152 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0”
192.168.1.100 - - [15/Dec/2019:03:20:17 +0000] “GET /support/ HTTP/1.1” 404 152 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0”
192.168.1.100 - - [15/Dec/2019:03:09:43 +0000] “GET /ws HTTP/1.1” 404 209 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36”
192.168.1.100 - - [15/Dec/2019:03:09:52 +0000] “GET /ws HTTP/1.1” 404 209 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36”
Note: 192.168.1.100 is the WAF
Key things to note:
When i swap the servername in the sites-available file back to private IP and navigate to 10.150.150.15/support the server serves the page appropriately. There is only issue when i utilize a hostname instead of the private IP.
please see below logs:
192.168.1.200 - - [15/Dec/2019:03:22:54 +0000] “POST /support/api/v1/knowledge_bases/init HTTP/1.1” 200 402 “http://10.150.150.15/support/” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0”
192.168.1.200 - - [15/Dec/2019:03:32:55 +0000] “POST /support/api/v1/knowledge_bases/init HTTP/1.1” 200 402 “http://10.150.150.15/support/” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0”
I am looking for help with this and I believe there is a minor config change that need to occur