I tried so many things to start CryptPad on just ip and self-signed cert. It works fine in http "developer" mode, but if I try to pass it throw nginx, it just not reachable. Maybe someone can help me?
Nginx config
listen 4000 ssl;
listen [::]:4000 ssl;
ssl_certificate /etc/nginx/ssl/self-signed.crt;
ssl_certificate_key /etc/nginx/ssl/self-signed.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ^~ /cryptpad_websocket {
proxy_pass http://127.0.0.1:3003;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
}
error_page 497 https://$host$request_uri;
}
server {
listen 4001 ssl;
listen [::]:4001 ssl;
ssl_certificate /etc/nginx/ssl/self-signed.crt;
ssl_certificate_key /etc/nginx/ssl/self-signed.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass http://127.0.0.1:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ^~ /cryptpad_websocket {
proxy_pass http://127.0.0.1:3003;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
}
error_page 497 https://$host$request_uri;
}
config/config.js
httpUnsafeOrigin: 'https://ip:4000',
httpSafeOrigin: "https://ip:4001",
httpAddress: '127.0.0.1',
httpPort: 3000,
httpSafePort: 3001,
websocketPort: 3003,
// maxWorkers: 4,
//otpSessionExpiration: 7*24, // hours
//enforceMFA: false,
//logIP: false,
adminKeys: [
],
//inactiveTime: 90, // days
//archiveRetentionTime: 15,
//accountRetentionTime: 365,
//disableIntegratedEviction: true,
//maxUploadSize: 20 * 1024 * 1024,
//premiumUploadSize: 100 * 1024 * 1024,
filePath: './datastore/',
archivePath: './data/archive',
pinPath: './data/pins',
taskPath: './data/tasks',
blockPath: './block',
blobPath: './blob',
blobStagingPath: './data/blobstage',
decreePath: './data/decrees',
logPath: './data/logs',
logToStdout: true,
logLevel: 'info',
logFeedback: false,
verbose: false,
installMethod: 'unspecified',
};