Infos:
- Used Zammad version: 3.6
- Used Zammad installation source: package
- Operating system: UBUNTU 18
- Browser + version: chrome
Expected behavior:
- Login to zammad without CSRF token verification failed!
Actual behavior:
- CSRF token verification failed! Can’t reconfigure reverse proxy to correct IP address
Steps to reproduce the behavior:
- Follow tutorial to install in ubuntu configure reverse proxy in another machine
Hello community!
I am using a NGINX reverse proxy in a separate machine to serve my zammad app. (packet ubuntu 18). I want to know how can I change ruby’s listening IP address, 127.0.0.1 by default. I want to change to the server Private IP address, if not my reverse proxy can’t access localhost because it is not in the same machine. Here are my confs:
Nginx reverse proxy in another machine:
#
# this is the nginx config for zammad
#
upstream zammad-railsserver {
server 192.168.xx.xx:3000; <-- Zammad Server Private IP
}
upstream zammad-websocket {
server 192.168.xx.xx:6042; <-- Zammad Server Private IP
}
server {
listen 443;
# replace 'localhost' with your fqdn if you want to use zammad from remote
server_name zammad.fqdn;
# security - prevent information disclosure about server version
server_tokens off;
root /opt/zammad/public;
access_log /var/log/nginx/zammad.access.log;
error_log /var/log/nginx/zammad.error.log;
client_max_body_size 50M;
location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico|apple-touch-icon.png) {
expires max;
}
location /ws {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400;
proxy_pass http://zammad-websocket;
location / {
proxy_set_header Host $http_host;
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Change this line in an SSO setup
proxy_set_header X-Forwarded-User "";
proxy_read_timeout 300;
proxy_pass http://zammad-railsserver;
gzip on;
gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
gzip_proxied any;
}
}
# http redirect to https
server {
listen 80;
server_name zammad.it-work.fr;
if ($host = zammad.it-work.fr) {
return 301 https://$host$request_uri;
}
return 404;
}