I have a server (Ubuntu-Server) with some Docker-based servers (Gitlab, Redmine) and NGINX as Proxy.
gitlab.<myserver> => NGINX -> <docker-net-ip>:port => Gitlab-container
redmine.<myserver> => NGINX -> <docker-net-ip>:port => Redmine-container
SQL-container
Certbot
This works like a charm. Now I want to extend my server by Cockpit Web Service:
cockpit.<myserver> => NGINX -> localhost:9090 => Cockpit running on the server
gitlab.<myserver> => NGINX -> <docker-net-ip>:port => Gitlab-container
redmine.<myserver> => NGINX -> <docker-net-ip>:port => Redmine-container
SQL-container
Certbot
I added an extra NGINX rule (corresponding to https://github.com/cockpit-project/cockpit/wiki/Proxying-Cockpit-over-NGINX) for cockpit and then cockpit comes available but neither Redmine nor Gitlab. If I remove the rule, it's vice versa.
In /etc/nginx/sites-available/ and /etc/nginx/sites-enabled/ the following NGINX rules are stored:
gitlab.<myserver>
server {
listen 80;
listen [::]:80;
server_name gitlab.<myserver>;
location / {
proxy_pass http://<docker-net-ip>:port;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
}
}
redmine.<myserver>
server {
listen 80;
listen [::]:80;
server_name redmine.<myserver>;
location / {
proxy_pass http://<docker-net-ip>:port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
and now I added :
cockpit.<myserver>
server {
listen 80;
listen 443 ssl;
server_name cockpit.<myserver>;
location / {
# Required to proxy the connection to Cockpit
proxy_pass https://127.0.0.1:9090;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
# Required for web sockets to function
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Pass ETag header from Cockpit to clients.
# See: https://github.com/cockpit-project/cockpit/issues/5239
gzip off;
}
}
and /etc/cockpit/cockpit.conf
[WebService]
Origins = https://cockpit.<myserver> 127.0.0.1:9090
ProtocolHeader = X-Forwarded-Proto
[Log]
Fatal = /var/log/cockpit.log
[Session]
IdleTimeout=15
What's missing here?