First of all thanks a lot for the new https feature.
I`ve got one troubleshoot atm. It seems like the redirect from http to https is not working. I could open http://myproject.loc and https://myproject.loc and both are working. Shouldn`t been http://myproject.loc redirected to https://myproject.loc?
I am using HTTPD_SERVER nginx-stable with the default nginx template.
The default is to have both, http and https.
A redirect can however be accomplished by setting:
- MAIN_VHOST_SSL_TYPE=both
to
- MAIN_VHOST_SSL_TYPE=redir
in docker-compose.yml
It is not yet a configurable variable in .env as it was not yet properly tested. Feel free to report back here how that works.
Thank you for your fast response. I`ve changed the MAIN_VHOST_SSL_TYPE to redir but it has no effect. The "problem" still exists.
If i changed it to redirect (Just to test if changes are reconized) the log shows me an error after running docker-compose up as expected.
[ERR] Invalid value for $MAIN_VHOST_SSL_TYPE: 'redirect'. Allowed: plain, ssl, both or redir
It should be redir, not redirect
There are actually two places:
- MAIN_VHOST_SSL_TYPE=redir
- MASS_VHOST_SSL_TYPE=redir
I`ve added redir to MAIN_VHOST_SSL_TYPE and MASS_VHOST_SSL_TYPE but it is still not redirecting.
It does work fine for me. What is the output of docker logs after applying the above settings?
@may17 is this still an issue for you?
Add required information in order to have it re-opened.
This isn't working for me either. Win 10 1903. Latest master. .env is basically stock sans the IDs.
I confirm the same issue, by setting both MAIN_VHOST_SSL_TYPE and MASS_VHOST_SSL_TYPE to redir no automatic redirect happens from HTTP to HTTPS. I'm on stock (updated) devilbox, apache-2.4 and php-fpm

Generated vhost /etc/httpd/vhost.d/sia.conf in httpd container is missing the redirect option part

<VirtualHost *:443>
ServerName sia.loc
Protocols h2 http/1.1
CustomLog "/var/log/apache-2.4/sia_ssl-access.log" combined
ErrorLog "/var/log/apache-2.4/sia_ssl-error.log"
SSLEngine on
SSLCertificateFile "/etc/httpd/cert/mass/sia.loc.crt"
SSLCertificateKeyFile "/etc/httpd/cert/mass/sia.loc.key"
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLHonorCipherOrder on
SSLCipherSuite HIGH:!aNULL:!MD5
# Define the vhost to serve files
DocumentRoot "/shared/httpd/sia/htdocs"
<Directory "/shared/httpd/sia/htdocs">
DirectoryIndex index.php index.html index.htm
AllowOverride All
Options All
RewriteEngine on
RewriteBase /
Order allow,deny
Allow from all
Require all granted
</Directory>
# In case for PHP-FPM 5.2 compatibility use 'GENERIC' instead of 'FPM'
# https://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html#proxyfcgibackendtype
ProxyFCGIBackendType FPM
# PHP-FPM Definition
<FilesMatch \.php$>
Require all granted
SetHandler proxy:fcgi://php:9000
</FilesMatch>
<Proxy "fcgi://php:9000/">
ProxySet timeout=180
ProxySet connectiontimeout=180
</Proxy>
# If the php file doesn't exist, disable the proxy handler.
# This will allow .htaccess rewrite rules to work and
# the client will see the default 404 page of Apache
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
RewriteRule (.*) - [H=text/html]
# Alias Definition
Alias "/devilbox-api/" "/var/www/default/api/devilbox-api/"
<Location "/devilbox-api/">
# Allow cross domain request from these hosts
SetEnvIf Origin "http(s)?://(.*)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Location>
<Directory "/var/www/default/api/devilbox-api/">
Order allow,deny
Allow from all
Require all granted
</Directory>
# Deny Definition
<FilesMatch "/\.git">
Order allow,deny
Deny from all
</FilesMatch>
# Deny Definition
<FilesMatch "/\.ht.*">
Order allow,deny
Deny from all
</FilesMatch>
# Custom directives
</VirtualHost>
<VirtualHost *:80>
ServerName sia.loc
Protocols http/1.1
CustomLog "/var/log/apache-2.4/sia-access.log" combined
ErrorLog "/var/log/apache-2.4/sia-error.log"
# Define the vhost to serve files
DocumentRoot "/shared/httpd/sia/htdocs"
<Directory "/shared/httpd/sia/htdocs">
DirectoryIndex index.php index.html index.htm
AllowOverride All
Options All
RewriteEngine on
RewriteBase /
Order allow,deny
Allow from all
Require all granted
</Directory>
# In case for PHP-FPM 5.2 compatibility use 'GENERIC' instead of 'FPM'
# https://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html#proxyfcgibackendtype
ProxyFCGIBackendType FPM
# PHP-FPM Definition
<FilesMatch \.php$>
Require all granted
SetHandler proxy:fcgi://php:9000
</FilesMatch>
<Proxy "fcgi://php:9000/">
ProxySet timeout=180
ProxySet connectiontimeout=180
</Proxy>
# If the php file doesn't exist, disable the proxy handler.
# This will allow .htaccess rewrite rules to work and
# the client will see the default 404 page of Apache
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
RewriteRule (.*) - [H=text/html]
# Alias Definition
Alias "/devilbox-api/" "/var/www/default/api/devilbox-api/"
<Location "/devilbox-api/">
# Allow cross domain request from these hosts
SetEnvIf Origin "http(s)?://(.*)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Location>
<Directory "/var/www/default/api/devilbox-api/">
Order allow,deny
Allow from all
Require all granted
</Directory>
# Deny Definition
<FilesMatch "/\.git">
Order allow,deny
Deny from all
</FilesMatch>
# Deny Definition
<FilesMatch "/\.ht.*">
Order allow,deny
Deny from all
</FilesMatch>
# Custom directives
</VirtualHost>
Would like to be able to help more and debug the vgen generation somehow but as of right now I have no clue where to start!
Re-opening, will have a closer look at vhost-gen.
Any news on this? I would like to help, if some hint can be provided!
It does work on the intranet with MAIN_VHOST_SSL_TYPE=redir. However it does not work on the projects via MASS_VHOST_SSL_TYPE=redir. I am still troubleshooting this.
saw the commit, great work @cytopia, kudos!!!
Now fixed in v1.4.0
Now it is configurable via .env
Most helpful comment
Now it is configurable via
.env